I have the following image created by a Dockerfile:
我有一个Dockerfile创建的以下图像:
REPOSITORY TAG IMAGE ID CREATED SIZE
ruby/lab latest f1903b1508cb 2 hours ago 729.6 MB
And I have my following YAML file:
我有以下YAML文件:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: ruby-deployment
spec:
replicas: 2
template:
metadata:
labels:
app: ruby
spec:
containers:
- name: ruby-app
image: ruby/lab
imagePullPolicy: IfNotPresent
ports:
- containerPort: 4567
When I create the deployment I got the following info in the pods:
当我创建展开时,我在Pod中获得了以下信息:
ruby-deployment-3830038651-sa4ii 0/1 ImagePullBackOff 0 7m
ruby-deployment-3830038651-u1tvc 0/1 ImagePullBackOff 0 7m
And the error Failed to pull image "ruby/lab:latest": Error: image ruby/lab not found
from below:
错误拉取图片ruby/Lab:LATEST失败:错误:找不到下面的ruby/Lab图片:
8m 2m 6 {kubelet minikube} spec.containers{ruby} Normal Pulling pulling image "ruby/lab:latest"
8m 2m 6 {kubelet minikube} spec.containers{ruby} Warning Failed Failed to pull image "ruby/lab:latest": Error: image ruby/lab not found
8m 2m 6 {kubelet minikube} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "ruby" with ErrImagePull: "Error: image ruby/lab not found"
Is really necessary to have registry in docker for this? I just want to make test locally and pass my code/repo to a friend for testing purposes
真的有必要在docker中进行注册吗?我只想在本地进行测试,并将我的代码/repo传递给朋友进行测试
Thanks
谢谢
更多回答
You can point your docker client to the VM's docker daemon by running
您可以通过运行以下命令将停靠客户端指向虚拟机的停靠守护进程
eval $(minikube docker-env)
Then you can build your image normally and create your kubernetes resources normally using kubectl. Make sure that you have
然后您就可以正常构建您的镜像,并正常使用kubectl创建您的Kubernetes资源。确保你有
imagePullPolicy: IfNotPresent
in your YAML or JSON specs.
在您的YAML或JSON规范中。
Additionally, there is a flag to pass in insecure registries to the minikube VM. However, this must be specified the first time you create the machine.
此外,还有一个标志用于将不安全的注册表传递给mini kube VM。但是,这必须在您第一次创建计算机时指定。
minikube start --insecure-registry
You may also want to read this when using a private registry
http://kubernetes.io/docs/user-guide/images/
在使用私有注册表http://kubernetes.io/docs/user-guide/images/时,您可能还想阅读本文
AFAIR minikube runs in a VM hence it will not see the images you've built locally on a host machine, but... as stated in https://github.com/kubernetes/minikube/blob/master/docs/reusing_the_docker_daemon.md you can use eval $(minikube docker-env)
to actually utilise docker daemon running on minikube, and henceforth build your image on the minikubes docker and thus expect it to be available to the minikubes k8s engine without pulling from external registry
Afair mini kube在一个VM中运行,因此它不会看到您在主机上本地构建的镜像,但是...如https://github.com/kubernetes/minikube/blob/master/docs/reusing_the_docker_daemon.md中所述,您可以使用val$(mini kube docker-env)来实际利用在mini kube上运行的docker守护进程,并从此在mini kube docker上构建您的映像,从而无需从外部注册表获取它即可用于mini kube K8s引擎
To use an image without uploading it, you can follow these steps:
It is important that you be in same shell since you are setting environment variables!
要在不上传图像的情况下使用它,您可以按照以下步骤操作:因为您正在设置环境变量,所以在同一个Shell中是很重要的!
- Set the environment variables with eval $(minikube docker-env)
- Build the image (eg docker build -t my-image .)
- Set the image in the pod spec like the build tag (eg my-image)
- Set the imagePullPolicy to Never, otherwise, Kubernetes will try to download the image.
I ran in a similar issue with minikube v1.9.2, Kubernetes v1.18.0, Docker 19.03.2 on Centos 8.1.1911. All in a single machine used for develop, I chosen for a local insecure docker registry.
我在CentOS 8.1.1911上的mini kube v1.9.2、Kubernetes v1.18.0、Docker 19.03.2上遇到了类似的问题。在一台用于开发的单机上,我选择了一个本地不安全的docker注册表。
The following steps were useful for me to share the local insecure docker registry with local kubernetes/minikube env and to allow kube nodes (and also minikube) to reach Internet:
以下步骤有助于我与本地Kubernetes/mini kube env共享本地不安全的docker注册中心,并允许Kube节点(以及mini kube)访问互联网:
- Disable the firewalld in order to make DNS resolution work inside
Docker containers with (reboot required):
systemctl disable firewalld
Otherwise during minikube startup it is prompted the following:
VM may be unable to resolve external DNS records
VM is unable to access k8s.gcr.io, you may need to configure a proxy or set --image-repository.
I wasted several days on this.
- Retrieve the IP of the network interface created and used
by docker, in my case I have docker0
interface name with IP 172.17.0.1
. The local insecure registry will be exposed to minikube on this IP.
- Configure Docker to read/write from insecure registry by adding the
following in /etc/docker/daemon.json
:
{"insecure-registries" : ["172.17.0.1:5000"]}
- Restart Docker:
systemctl restart docker.service
- Run minikube with
minikube start --insecure-registry="172.17.0.1:5000"
(if already running or yet started, run minikube delete
before to start)
- Build, tag and push your application in the local insecure registry:
docker build -t mydemo/demo .
docker tag mydemo/demo 172.17.0.1:5000/myminikubedemo
docker push 172.17.0.1:5000/myminikubedemo
- Now when you create the deployment.yaml descriptor for your application put the correct
image path and then apply:
kubectl create deployment mydemo --image=172.17.0.1:5000/myminikubedemo --dry-run=client -o=yaml > deployment.yaml
kubectl apply -f deployment.yaml
In my case, the minikube VM can not pull the images even though they are stored locally and the imagePullPolicy
is set to Never
.
在我的例子中,mini kube VM无法拉取映像,即使它们存储在本地,并且ImagePullPolicy设置为Never。
My workaround solution is creating a local docker repository and pushing these images to that repository. Then, specify the image as follow: localhost:5000/image/name
. Sources: https://minikube.sigs.k8s.io/docs/handbook/registry/#docker-on-macos
我的变通解决方案是创建一个本地Docker存储库,并将这些图像推送到该存储库。然后,按如下方式指定映像:本地主机:5000/图像/名称。资料来源:https://minikube.sigs.k8s.io/docs/handbook/registry/#docker-on-macos
In my case, I have setup k8s cluster with kubeadm.
so, if you want to use local image to run pod do below things.
在我的例子中,我使用kubeadm设置了K8集群。因此,如果您想使用本地映像来运行Pod,请执行以下操作。
If you have docker image, create tar file of image by using below command.
如果你有docker图片,用下面的命令创建图片的tar文件。
docker save <image-name> -o <filename.tar>
If you have containerd image, create tar file of image by using below command.
如果您有容器镜像,使用下面的命令创建镜像的tar文件。
ctr image export <output-filename> <image-name>
After transferring the standalone archives to the other systems (using whatever means you prefer; I used scp), then load (or import) the images into containerd with this command:
将独立归档文件传输到其他系统后(使用您喜欢的任何方式;我使用SCP),然后使用以下命令将映像加载(或导入)到容器中:
ctr -n=k8s.io images import <filename-from-previous-step>
Verify that the image(s) are present and recognized by containerd using
使用以下命令验证映像(S)是否存在并被容器识别
ctr image ls
Note that you may not be able to list this image (imported for k8s) using ctr image ls.
请注意,您可能无法使用CTR镜像列出此镜像(为K8导入)。
Here's an alternative solution to do it manually:
以下是手动完成此操作的替代解决方案:
1 - make a .tar file of the respective docker image:
1-为各自的扩展底座映像创建.tar文件:
docker save -o nginx.tar nginx:1.19.0-alpine
2 - SSH to the minikube VM:
2-通过SSH连接到Minikube VM:
minikube ssh
3 - load the docker image:
3-加载扩展底座映像:
docker load -i /path/to/nginx.tar
docker pull , pulls all images manually in every node
or
run a DaemonSet to pull all images
Docker拉取,手动拉取每个节点中的所有图像或运行守护程序集以拉取所有图像
更多回答
@CPB can you mark this as the answer if it solved your issue please?
@CPB如果这解决了你的问题,你能把它标记为答案吗?
that worked for me without minikube start --insecure-registry
. It was not clear for me where to put imagePullPolicy, but I found out. That should be in your deployment.yaml .spec.template.containers.imagePullPolicy
这对我来说很管用,没有mini kube启动--不安全--注册。我不清楚把ImagePullPolicy放在哪里,但我发现了。这应该在您的部署中。yaml.spec.template.tainers.ImagePullPolicy
What if I don't use minikube but want to upload the image to a remote cluster? Can kubectl upload the image?
如果我不使用mini kube,但想要将映像上传到远程集群,该怎么办?Kubectl可以上传图片吗?
@MattRickard : I don't use minikube, I use kubectl, kubernetes cluster, I don't have a docker image registry. Can I use local image for deployment ?
@MattRickard:我不使用mini kube,我使用kubectl,Kubernetes集群,我没有docker镜像仓库。我是否可以使用本地映像进行部署?
minikube start --insecure-registry true
Mini kube启动--不安全-注册表为真
I don't use minikube, I use kubectl, kubernetes. How can I fix this ?
我不用mini kube,我用kubectl,kubernetes。我怎么才能解决这个问题呢?
I did this, but it still can't find the local image.
我这样做了,但它仍然找不到当地的图像。
If you're publishing your image using SBT and SBT is running as an existing daemon process that was spawned in another process space then it would not inherit the environment defined by minikube docker-env
如果您使用SBT发布映像,并且SBT作为在另一个进程空间中派生的现有守护进程运行,则它不会继承mini kube docker-env定义的环境
我是一名优秀的程序员,十分优秀!