从kubernetes中提取本地存储库docker映像 [英] Pulling local repository docker image from kubernetes

问题描述

尝试在本地环境中使用Pod安装示例容器应用程序 我正在使用Docker桌面随附的kubernates集群.

Trying to install a sample container App using Pod in my local environment I'm using kubernates cluster coming with docker desktop.

我正在使用带有YML文件的bellow命令创建Pod kubectl创建-f test_image_pull.yml

I'm creating the Pod using bellow command with the YML file kubectl create -f test_image_pull.yml

apiVersion: v1
kind: Pod
metadata:
# value must be lower case
  name: sample-python-web-app
spec:
  containers:
    - name: sample-hello-world
      image: local/sample:latest
      imagePullPolicy: Always
      command: ["echo", "SUCCESS"]

用于构建映像的docker文件，并且如果您与docker run一起运行，则该容器可以正常运行

docker file used to build the image and this container running without any issue if u run with docker run

# Use official runtime python
FROM python:2.7-slim

# set work directory to app

WORKDIR /app
# Copy current directory
COPY . /app

# install needed packages
RUN pip install --trusted-host pypi.python.org -r requirement.txt

# Make port 80 available to outside container

EXPOSE 80

# Define environment variable

ENV NAME World

# Run app.py when the container launches

CMD ["python" , "app.py"]

from flask import Flask
from redis import Redis, RedisError
import os
import socket


#connect to redis
redis = Redis(host="redis", db=0, socket_connect_timeout=2, socket_timeout=2)
app = Flask(__name__)

@app.route("/")

def hello():
    try:
       visits = redis.incr("counter")
    except RedisError:
        visits = "<i>cannot connect to Redis, counter disabled</i>"

    html = "<h3>Hello {name}!</h3>" \
            "<b>Hostname:</b> {hostname}<br/>"  \
            "<b>Visits:</b> {visits}"


    return html.format (
              name=os.getenv("NAME", "world"),
              hostname=socket.gethostname(),
              visits=visits  
            )

if __name__ == "__main__":
    app.run(host="0.0.0.0", port=80)            

Flask
Redis

一旦我描述了Pod，它就会在错误下方显示给我

Once I describe the pod it shows me below error

kubectl描述了pod sample-python-web-app

kubectl describe pod sample-python-web-app

Events:
  Type     Reason     Age                  From                     Message
  ----     ------     ----                 ----                     -------
  Normal   Scheduled  3m25s                default-scheduler        Successfully assigned default/sample-python-web-app to docker-desktop
  Normal   Pulling    97s (x4 over 3m22s)  kubelet, docker-desktop  Pulling image "local/sample:latest"
  Warning  Failed     94s (x4 over 3m17s)  kubelet, docker-desktop  Failed to pull image "local/sample:latest": rpc error: code = Unknown desc = Error response from daemon: pull access denied for local/sample, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
  Warning  Failed     94s (x4 over 3m17s)  kubelet, docker-desktop  Error: ErrImagePull
  Normal   BackOff    78s (x6 over 3m16s)  kubelet, docker-desktop  Back-off pulling image "local/sample:latest"
  Warning  Failed     66s (x7 over 3m16s)  kubelet, docker-desktop  Error: ImagePullBackOff

推荐答案

Kubernetes从Docker注册表中提取容器映像.根据 doc :

Kubernetes pulls container images from a Docker Registry. Per the doc:

您创建Docker映像并将其推送到注册表之前， 在Kubernetes窗格中引用它.

You create your Docker image and push it to a registry before referring to it in a Kubernetes pod.

此外:

容器的image属性支持与 docker命令执行此操作，包括私有注册表和标签.

The image property of a container supports the same syntax as the docker command does, including private registries and tags.

因此，在pod的规范中引用映像的方式-"image:local/sample:latest"-Kubernetes在Docker Hub上查找名为 "local"的存储库中的映像.

So, the way the image is referenced in the pod's spec - "image: local/sample:latest" - Kubernetes looks on Docker Hub for the image in repository named "local".

您可以将映像推送到Docker Hub或其他公共或私有Docker外部注册表；您可以在Kubernetes集群上托管Docker Registry;或者，您可以在容器中本地运行Docker Registry.

You can push the image to Docker Hub or some other external Docker Registry, public or private; you can host Docker Registry on the Kubernetes cluster; or, you can run a Docker Registry locally, in a container.

要在本地运行Docker注册表:

docker run -d -p 5000:5000 --restart=always --name registry registry:2

接下来，找到主机的IP地址是什么-下面，我将以10.0.2.1为例.

Next, find what is the IP address of the host - below I'll use 10.0.2.1 as an example.

然后，假设图像名称为"local/sample:latest"，则标记图像:

Then, assuming the image name is "local/sample:latest", tag the image:

docker tag local/sample:latest 10.0.2.1:5000/local/sample:latest

...并将映像推送到本地注册表:

...and push the image to the local registry:

docker push 10.0.2.1:5000/local/sample:latest

接下来，在pod的配置YAML中更改如何引用图像-从

Next, change in pod's configuration YAML how the image is referenced - from

    image: local/sample:latest

到

    image: 10.0.2.1:5000/local/sample:latest

重新启动广告连播.

很有可能必须将本地Docker守护程序配置为将本地Docker注册表视为此处中描述了一种配置方式-只需将"myregistrydomain.com"替换为主机的IP(例如10.0.2.1). Docker Desktop还允许通过GUI编辑守护程序的配置文件 .

Most likely the local Docker daemon will have to be configured to treat the local Docker registry as insecure. One way to configure that is described here - just replace "myregistrydomain.com" with the host's IP (e.g. 10.0.2.1). Docker Desktop also allows to edit daemon's configuration file through the GUI.

这篇关于从kubernetes中提取本地存储库docker映像的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！