个人中心
gpt4 book ai didi

Pull a local image to run a pod in Kubernetes(拉取本地镜像在Kubernetes中运行Pod)

转载 作者:bug小助手 更新时间:2023-10-25 12:27:12 30 4
gpt4 key购买 nike



I have the following image created by a Dockerfile:

我有一个Dockerfile创建的以下图像:



REPOSITORY   TAG      IMAGE ID       CREATED       SIZE 
ruby/lab     latest   f1903b1508cb   2 hours ago   729.6 MB


And I have my following YAML file:

我有以下YAML文件:



apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: ruby-deployment
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: ruby
    spec:
      containers:
      - name: ruby-app
        image: ruby/lab
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 4567


When I create the deployment I got the following info in the pods:

当我创建展开时,我在Pod中获得了以下信息:



ruby-deployment-3830038651-sa4ii   0/1       ImagePullBackOff   0          7m
ruby-deployment-3830038651-u1tvc   0/1       ImagePullBackOff   0          7m


And the error Failed to pull image "ruby/lab:latest": Error: image ruby/lab not found from below:

错误拉取图片ruby/Lab:LATEST失败:错误:找不到下面的ruby/Lab图片:



 8m            2m              6       {kubelet minikube}      spec.containers{ruby}   Normal          Pulling         pulling image "ruby/lab:latest"
 8m            2m              6       {kubelet minikube}      spec.containers{ruby}   Warning         Failed          Failed to pull image "ruby/lab:latest": Error: image ruby/lab not found
 8m            2m              6       {kubelet minikube}                              Warning         FailedSync      Error syncing pod, skipping: failed to "StartContainer" for "ruby" with ErrImagePull: "Error: image ruby/lab not found"


Is really necessary to have registry in docker for this? I just want to make test locally and pass my code/repo to a friend for testing purposes

真的有必要在docker中进行注册吗?我只想在本地进行测试,并将我的代码/repo传递给朋友进行测试



Thanks

谢谢


更多回答
优秀答案推荐

You can point your docker client to the VM's docker daemon by running

您可以通过运行以下命令将停靠客户端指向虚拟机的停靠守护进程



eval $(minikube docker-env)


Then you can build your image normally and create your kubernetes resources normally using kubectl. Make sure that you have

然后您就可以正常构建您的镜像,并正常使用kubectl创建您的Kubernetes资源。确保你有



imagePullPolicy: IfNotPresent


in your YAML or JSON specs.

在您的YAML或JSON规范中。



Additionally, there is a flag to pass in insecure registries to the minikube VM. However, this must be specified the first time you create the machine.

此外,还有一个标志用于将不安全的注册表传递给mini kube VM。但是,这必须在您第一次创建计算机时指定。



minikube start --insecure-registry


You may also want to read this when using a private registry
http://kubernetes.io/docs/user-guide/images/

在使用私有注册表http://kubernetes.io/docs/user-guide/images/时,您可能还想阅读本文



AFAIR minikube runs in a VM hence it will not see the images you've built locally on a host machine, but... as stated in https://github.com/kubernetes/minikube/blob/master/docs/reusing_the_docker_daemon.md you can use eval $(minikube docker-env) to actually utilise docker daemon running on minikube, and henceforth build your image on the minikubes docker and thus expect it to be available to the minikubes k8s engine without pulling from external registry

Afair mini kube在一个VM中运行,因此它不会看到您在主机上本地构建的镜像,但是...如https://github.com/kubernetes/minikube/blob/master/docs/reusing_the_docker_daemon.md中所述,您可以使用val$(mini kube docker-env)来实际利用在mini kube上运行的docker守护进程,并从此在mini kube docker上构建您的映像,从而无需从外部注册表获取它即可用于mini kube K8s引擎



To use an image without uploading it, you can follow these steps:
It is important that you be in same shell since you are setting environment variables!

要在不上传图像的情况下使用它,您可以按照以下步骤操作:因为您正在设置环境变量,所以在同一个Shell中是很重要的!




  1. Set the environment variables with eval $(minikube docker-env)

  2. Build the image (eg docker build -t my-image .)

  3. Set the image in the pod spec like the build tag (eg my-image)

  4. Set the imagePullPolicy to Never, otherwise, Kubernetes will try to download the image.



I ran in a similar issue with minikube v1.9.2, Kubernetes v1.18.0, Docker 19.03.2 on Centos 8.1.1911. All in a single machine used for develop, I chosen for a local insecure docker registry.

我在CentOS 8.1.1911上的mini kube v1.9.2、Kubernetes v1.18.0、Docker 19.03.2上遇到了类似的问题。在一台用于开发的单机上,我选择了一个本地不安全的docker注册表。



The following steps were useful for me to share the local insecure docker registry with local kubernetes/minikube env and to allow kube nodes (and also minikube) to reach Internet:

以下步骤有助于我与本地Kubernetes/mini kube env共享本地不安全的docker注册中心,并允许Kube节点(以及mini kube)访问互联网:




  1. Disable the firewalld in order to make DNS resolution work inside
    Docker containers with (reboot required):
    systemctl disable firewalld

    Otherwise during minikube startup it is prompted the following:

    VM may be unable to resolve external DNS records

    VM is unable to access k8s.gcr.io, you may need to configure a proxy or set --image-repository.
    I wasted several days on this.

  2. Retrieve the IP of the network interface created and used
    by docker, in my case I have docker0 interface name with IP 172.17.0.1. The local insecure registry will be exposed to minikube on this IP.

  3. Configure Docker to read/write from insecure registry by adding the
    following in /etc/docker/daemon.json:

    {"insecure-registries" : ["172.17.0.1:5000"]}

  4. Restart Docker:
    systemctl restart docker.service

  5. Run minikube with

    minikube start --insecure-registry="172.17.0.1:5000"

    (if already running or yet started, run minikube delete before to start)

  6. Build, tag and push your application in the local insecure registry:

    docker build -t mydemo/demo .

    docker tag mydemo/demo 172.17.0.1:5000/myminikubedemo

    docker push 172.17.0.1:5000/myminikubedemo

  7. Now when you create the deployment.yaml descriptor for your application put the correct
    image path and then apply:

    kubectl create deployment mydemo --image=172.17.0.1:5000/myminikubedemo --dry-run=client -o=yaml > deployment.yaml
    kubectl apply -f deployment.yaml



In my case, the minikube VM can not pull the images even though they are stored locally and the imagePullPolicy is set to Never.

在我的例子中,mini kube VM无法拉取映像,即使它们存储在本地,并且ImagePullPolicy设置为Never。


My workaround solution is creating a local docker repository and pushing these images to that repository. Then, specify the image as follow: localhost:5000/image/name. Sources: https://minikube.sigs.k8s.io/docs/handbook/registry/#docker-on-macos

我的变通解决方案是创建一个本地Docker存储库,并将这些图像推送到该存储库。然后,按如下方式指定映像:本地主机:5000/图像/名称。资料来源:https://minikube.sigs.k8s.io/docs/handbook/registry/#docker-on-macos



In my case, I have setup k8s cluster with kubeadm.
so, if you want to use local image to run pod do below things.

在我的例子中,我使用kubeadm设置了K8集群。因此,如果您想使用本地映像来运行Pod,请执行以下操作。


If you have docker image, create tar file of image by using below command.

如果你有docker图片,用下面的命令创建图片的tar文件。


docker save <image-name> -o <filename.tar>

If you have containerd image, create tar file of image by using below command.

如果您有容器镜像,使用下面的命令创建镜像的tar文件。


ctr image export <output-filename> <image-name>

After transferring the standalone archives to the other systems (using whatever means you prefer; I used scp), then load (or import) the images into containerd with this command:

将独立归档文件传输到其他系统后(使用您喜欢的任何方式;我使用SCP),然后使用以下命令将映像加载(或导入)到容器中:


ctr -n=k8s.io images import <filename-from-previous-step>

Verify that the image(s) are present and recognized by containerd using

使用以下命令验证映像(S)是否存在并被容器识别


ctr image ls

Note that you may not be able to list this image (imported for k8s) using ctr image ls.

请注意,您可能无法使用CTR镜像列出此镜像(为K8导入)。



Here's an alternative solution to do it manually:

以下是手动完成此操作的替代解决方案:


1 - make a .tar file of the respective docker image:

1-为各自的扩展底座映像创建.tar文件:


docker save -o nginx.tar nginx:1.19.0-alpine

2 - SSH to the minikube VM:

2-通过SSH连接到Minikube VM:


minikube ssh

3 - load the docker image:

3-加载扩展底座映像:


docker load -i /path/to/nginx.tar


docker pull , pulls all images manually in every node
or
run a DaemonSet to pull all images

Docker拉取,手动拉取每个节点中的所有图像或运行守护程序集以拉取所有图像


更多回答

@CPB can you mark this as the answer if it solved your issue please?

@CPB如果这解决了你的问题,你能把它标记为答案吗?

that worked for me without minikube start --insecure-registry. It was not clear for me where to put imagePullPolicy, but I found out. That should be in your deployment.yaml .spec.template.containers.imagePullPolicy

这对我来说很管用,没有mini kube启动--不安全--注册。我不清楚把ImagePullPolicy放在哪里,但我发现了。这应该在您的部署中。yaml.spec.template.tainers.ImagePullPolicy

What if I don't use minikube but want to upload the image to a remote cluster? Can kubectl upload the image?

如果我不使用mini kube,但想要将映像上传到远程集群,该怎么办?Kubectl可以上传图片吗?

@MattRickard : I don't use minikube, I use kubectl, kubernetes cluster, I don't have a docker image registry. Can I use local image for deployment ?

@MattRickard:我不使用mini kube,我使用kubectl,Kubernetes集群,我没有docker镜像仓库。我是否可以使用本地映像进行部署?

minikube start --insecure-registry true

Mini kube启动--不安全-注册表为真

I don't use minikube, I use kubectl, kubernetes. How can I fix this ?

我不用mini kube,我用kubectl,kubernetes。我怎么才能解决这个问题呢?

I did this, but it still can't find the local image.

我这样做了,但它仍然找不到当地的图像。

If you're publishing your image using SBT and SBT is running as an existing daemon process that was spawned in another process space then it would not inherit the environment defined by minikube docker-env

如果您使用SBT发布映像,并且SBT作为在另一个进程空间中派生的现有守护进程运行,则它不会继承mini kube docker-env定义的环境

30 4 0
文章推荐: How to check if a radio button has a value (has been checked at least one) on click of a button(如何在单击按钮时检查单选按钮是否有值(至少选中了一个))
文章推荐: SwiftData @Query with #Predicate on Relationship Model(关系模型上带有#谓词的SwiftData@Query)
文章推荐: ReactJS header tags in different pages(不同页面中的ReactJS Header标签)
文章推荐: Django ModelForm: Insert blank choice into many form fields(Django ModelForm:在多个表单域中插入空白选项)
bug小助手
个人简介

我是一名优秀的程序员,十分优秀!

作者热门文章
滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com