k8s 使用私有仓库镜像

原创

X糊涂仙儿 2024-04-22 21:57:22 博主文章分类：kubernetes ©著作权

文章标签 docker json nginx 文章分类 运维

©著作权归作者所有：来自51CTO博客作者X糊涂仙儿的原创作品，请联系作者获取转载授权，否则将追究法律责任

一、私有仓库搭建

二、使用命令登陆Harbor

docker daemon.json 配置

{
  "registry-mirrors": ["https://w0ckwo1v.mirror.aliyuncs.com"],
  "insecure-registries":["192.168.100.63"]                         //docker push pull 使用http
}

docker login -u admin -p Harbor12345 http://192.168.100.63

#config.json 配置，使用此配置生成key
[root@node02 ~]# cat ~/.docker/config.json 
{
	"auths": {
		"192.168.100.63": {
			"auth": "YWRtaW46SGFyYm9yMTIzNDU="
		}
	},
	"HttpHeaders": {
		"User-Agent": "Docker-Client/18.09.9 (linux)"
	}
}
#生成key
base64 -w 0 ~/.docker/config.json
ewoJImF1dGhzIjogewoJCSIxOTIuMTY4LjEwMC42MyI6IHsKCQkJImF1dGgiOiAiWVdSdGFXNDZTR0Z5WW05eU1USXpORFU9IgoJCX0KCX0sCgkiSHR0cEhlYWRlcnMiOiB7CgkJIlVzZXItQWdlbnQiOiAiRG9ja2VyLUNsaWVudC8xOC4wOS45IChsaW51eCkiCgl9Cn0=

三、k8s 使用yml文件创建secret，并调用key

1、编缉 secret.yml文件

vim secret.yml
apiVersion: v1
kind: Secret
metadata:
  name: secret
  namespace: default
data:
    .dockerconfigjson: ewoJImF1dGhzIjogewoJCSIxOTIuMTY4LjEwMC42MyI6IHsKCQkJImF1dGgiOiAiWVdSdGFXNDZTR0Z5WW05eU1USXpORFU9IgoJCX0KCX0sCgkiSHR0cEhlYWRlcnMiOiB7CgkJIlVzZXItQWdlbnQiOiAiRG9ja2VyLUNsaWVudC8xOC4wOS45IChsaW51eCkiCgl9Cn0=
type: kubernetes.io/dockerconfigjson

2、创建key

k8s 使用私有仓库镜像_docker

3、创建pod 拉取镜像

[root@master nginx]# cat pods.yml 
apiVersion: v1
kind: Pod
metadata:
  name: mypod
spec:
  containers:
    - name: mycontainer
      image: 192.168.100.63/test/nginx:latest
      ports:
        - containerPort: 80
  imagePullSecrets:
    - name: secret