无法直接在国内网络环境下从k8s.gcr.io下载镜像问题
部署K8S最大的难题是镜像下载,在国内无FQ环境情况下很难从k8s.gcr.io等镜像源里下载镜像。
这种情况下正确做法是:
1. 直接指定国内镜像代理仓库(如阿里云代理仓库)进行镜像拉取下载。
2. 成功拉取代理仓库中的镜像后,再将其tag打标签成为k8s.gcr.io对应镜像。
3. 最后再删除从代理仓库中拉取下来的镜像。
4. 要确保imagePullPolicy策略是IfNotPresent,即本地有镜像则使用本地镜像,不拉取!
或者将下载的镜像放到harbor私有仓库里,然后将image下载源指向harbor私仓地址。
阿里云代理仓库地址为:registry.aliyuncs.com/google_containers
比如下载
k8s.gcr.io/coredns:1.6.5
可以代理为:
registry.aliyuncs.com/google_containers/coredns:1.6.5
下面以阿里云代理仓库为例进行说明:
比如下载k8s.gcr.io/coredns:1.6.5镜像,在国内默认是下载失败的! [root@k8s-vm01 coredns]# pwd /opt/k8s/work/kubernetes/cluster/addons/dns/coredns [root@k8s-vm01 coredns]# fgrep "image" ./* ./coredns.yaml: image: k8s.gcr.io/coredns:1.6.5 ./coredns.yaml: imagePullPolicy: IfNotPresent [root@k8s-vm03 ~]# docker pull k8s.gcr.io/coredns:1.6.5 Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers) 这时候去指定国内的阿里云镜像代理仓库进行下载 [root@k8s-vm03 ~]# docker pull registry.aliyuncs.com/google_containers/coredns:1.6.5 1.6.5: Pulling from google_containers/coredns c6568d217a00: Pull complete fc6a9081f665: Pull complete Digest: sha256:608ac7ccba5ce41c6941fca13bc67059c1eef927fd968b554b790e21cc92543c Status: Downloaded newer image for registry.aliyuncs.com/google_containers/coredns:1.6.5 registry.aliyuncs.com/google_containers/coredns:1.6.5 然后打tag,并删除之前从代理仓库下载的镜像 [root@k8s-vm03 ~]# docker tag registry.aliyuncs.com/google_containers/coredns:1.6.5 k8s.gcr.io/coredns:1.6.5 [root@k8s-vm03 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE k8s.gcr.io/coredns 1.6.5 70f311871ae1 5 months ago 41.6MB registry.aliyuncs.com/google_containers/coredns 1.6.5 70f311871ae1 5 months ago 41.6MB [root@k8s-vm03 ~]# docker rmi registry.aliyuncs.com/google_containers/coredns:1.6.5 Untagged: registry.aliyuncs.com/google_containers/coredns:1.6.5 Untagged: registry.aliyuncs.com/google_containers/coredns@sha256:608ac7ccba5ce41c6941fca13bc67059c1eef927fd968b554b790e21cc92543c [root@k8s-vm03 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE k8s.gcr.io/coredns 1.6.5 70f311871ae1 5 months ago 41.6MB 最终发现我们想要的k8s.gcr.io/coredns:1.6.5镜像被成功下载下来了! 最后要记得: 确定imagePullPolicy镜像下载策略是IfNotPresent,即本地有镜像则使用本地镜像,不拉取! 或者将下载好的镜像放到harbor私有仓库里,然后将image下载地址指向harbor仓库地址。
以上总结三个步骤:
# docker pull registry.aliyuncs.com/google_containers/coredns:1.6.5 # docker tag registry.aliyuncs.com/google_containers/coredns:1.6.5 k8s.gcr.io/coredns:1.6.5 # docker rmi registry.aliyuncs.com/google_containers/coredns:1.6.5
*************** 当你发现自己的才华撑不起野心时,就请安静下来学习吧!***************