OpenShift-用于导入图像的凭据查找 [英] OpenShift - Credentials look-up for importing image
问题描述
我可以使用以下步骤从RedHat-registry.redhat.io/rhel8/redis-5
启动带有Redis映像的应用程序.
I am able to a launch an application with the Redis image from RedHat - registry.redhat.io/rhel8/redis-5
using the following steps.
- 在RedHat中创建服务帐户 https://access.redhat.com/
- 为该帐户创建令牌后,下载YAML(请参阅下文)以获取图像拉密钥.
- 使用YAML文件创建密钥.
- 导入图像.
- Create a service account at RedHat https://access.redhat.com/
- Download the YAML (see below) for image pull secret once a token is created for that account.
- Use the YAML file to create a secret.
- Import the image.
apiVersion: v1
kind: Secret
metadata:
name: accoutNum-userName-pull-secret
data:
.dockerconfigjson: token-value....long........string
type: kubernetes.io/dockerconfigjson
添加秘密并导入图片:
oc create -f secret.yaml
oc import-image rhel8/redis-5 --from=registry.redhat.io/rhel8/redis-5 --confirm
图像元数据已导入:
oc get is
NAME DOCKER REPO TAGS UPDATED
redis-5 172.30.1.1:5000/project/redis-5 latest About a minute ago
我不清楚import语句如何找到要使用的机密.
I am not clear how the import statement locates the secret to be used.
推荐答案
如果在拉/推图像时需要注册表进行身份验证,则OpenShift会自动从同一名称空间(项目)中的kubernetes.io/dockerconfigjson
类型进行身份验证.因此,如果您需要访问多个外部注册表,则只需使用每个注册表的凭据创建匹配的机密.
OpenShift lookup automatically the authentication from type of kubernetes.io/dockerconfigjson
in the same namespace(project) if the registry is required authentication when pulling/push images. So if you need to access multiple external registry, then just create matched secret with the credential per registry.
我希望它能对您有所帮助,谢谢.
I hope it help you, thanks.
这篇关于OpenShift-用于导入图像的凭据查找的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!