我正在尝试从 ACR 中提取图像,但我总是收到此错误
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 22s default-scheduler Successfully assigned default/deployment-name-8659d4b797-c6wcx to minikube
Normal BackOff 19s kubelet Back-off pulling image "somename.azurecr.io/someimage:latest"
Warning Failed 19s kubelet Error: ImagePullBackOff
Normal Pulling 6s (x2 over 21s) kubelet Pulling image "somename.azurecr.io/someimage:latest"
Warning Failed 4s (x2 over 19s) kubelet Failed to pull image "somename.azurecr.io/someimage:latest": rpc error: code = Unknown desc = Error response from daemon: Head "https://somename.azurecr.io/v2/someimage/manifests/latest": unauthorized: authentication required, visit https://aka.ms/acr/authorization for more information.
Warning Failed 4s (x2 over 19s) kubelet Error: ErrImagePull
这是我的
deployment-name.yml
文件
apiVersion: apps/v1
kind: Deployment
metadata:
name: appname-deployment
labels:
app: appname
spec:
replicas: 1
selector:
matchLabels:
app: appname
template:
metadata:
labels:
app: appname
spec:
containers:
- name: appname
image: somename.azurecr.io/someimage:latest
ports:
- containerPort: 8082
env:
- name: CORE_PORT
valueFrom:
configMapKeyRef:
name: my-config-map
key: CORE_PORT
imagePullSecrets:
- name: wc1
---
apiVersion: v1
kind: Service
metadata:
name: appname-service
spec:
selector:
app: appname
ports:
- protocol: TCP
port: 8082
targetPort: 8082
我知道这个问题已经被问过很多次了,但我还是不明白。
令人惊讶的是,
docker pull somename.azurecr.io/someimage:latest
效果非常好。
我已经尝试过了
为 #2 创建秘密的命令是
kubectl create secret docker-registry wc1 \
--docker-server=somename.azurecr.io \
--docker-username=somename \
--docker-password=admin_password
有人可以指出我如何解决该错误吗?
如果您使用的是 Azure CLI,则可以使用带有
az aks update
参数的 --attach-acr
命令将现有 ACR 与现有 AKS 群集集成:
# Attach using acr-name
az aks update --name myAKSCluster --resource-group myResourceGroup --attach-acr <acr-name>
# Attach using acr-resource-id
az aks update --name myAKSCluster --resource-group myResourceGroup --attach-acr <acr-resource-id>
请参阅 通过 Azure Kubernetes 服务 (AKS) 使用 Azure 容器注册表 (ACR) 进行身份验证