无法直接在国内网络环境下从k8s.gcr.io下载镜像问题

 

部署K8S最大的难题是镜像下载,在国内无FQ环境情况下很难从k8s.gcr.io等镜像源里下载镜像。
这种情况下正确做法是:
1. 直接指定国内镜像代理仓库(如阿里云代理仓库)进行镜像拉取下载。
2. 成功拉取代理仓库中的镜像后,再将其tag打标签成为k8s.gcr.io对应镜像。
3. 最后再删除从代理仓库中拉取下来的镜像。
4. 要确保imagePullPolicy策略是IfNotPresent,即本地有镜像则使用本地镜像,不拉取!
    或者将下载的镜像放到harbor私有仓库里,然后将image下载源指向harbor私仓地址。
 
阿里云代理仓库地址为:registry.aliyuncs.com/google_containers
比如下载
k8s.gcr.io/coredns:1.6.5
可以代理为:
registry.aliyuncs.com/google_containers/coredns:1.6.5
 
下面以阿里云代理仓库为例进行说明:
比如下载k8s.gcr.io/coredns:1.6.5镜像,在国内默认是下载失败的!

[root@k8s-vm01 coredns]# pwd
/opt/k8s/work/kubernetes/cluster/addons/dns/coredns
[root@k8s-vm01 coredns]# fgrep "image" ./*
./coredns.yaml:        image: k8s.gcr.io/coredns:1.6.5
./coredns.yaml:        imagePullPolicy: IfNotPresent

[root@k8s-vm03 ~]# docker pull k8s.gcr.io/coredns:1.6.5
Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)

这时候去指定国内的阿里云镜像代理仓库进行下载
[root@k8s-vm03 ~]# docker pull registry.aliyuncs.com/google_containers/coredns:1.6.5
1.6.5: Pulling from google_containers/coredns
c6568d217a00: Pull complete
fc6a9081f665: Pull complete
Digest: sha256:608ac7ccba5ce41c6941fca13bc67059c1eef927fd968b554b790e21cc92543c
Status: Downloaded newer image for registry.aliyuncs.com/google_containers/coredns:1.6.5
registry.aliyuncs.com/google_containers/coredns:1.6.5

然后打tag,并删除之前从代理仓库下载的镜像
[root@k8s-vm03 ~]# docker tag registry.aliyuncs.com/google_containers/coredns:1.6.5 k8s.gcr.io/coredns:1.6.5

[root@k8s-vm03 ~]# docker images
REPOSITORY                                        TAG                 IMAGE ID            CREATED             SIZE
k8s.gcr.io/coredns                                1.6.5               70f311871ae1        5 months ago        41.6MB
registry.aliyuncs.com/google_containers/coredns   1.6.5               70f311871ae1        5 months ago        41.6MB

[root@k8s-vm03 ~]# docker rmi registry.aliyuncs.com/google_containers/coredns:1.6.5
Untagged: registry.aliyuncs.com/google_containers/coredns:1.6.5
Untagged: registry.aliyuncs.com/google_containers/coredns@sha256:608ac7ccba5ce41c6941fca13bc67059c1eef927fd968b554b790e21cc92543c

[root@k8s-vm03 ~]# docker images
REPOSITORY                               TAG                 IMAGE ID            CREATED             SIZE
k8s.gcr.io/coredns                       1.6.5               70f311871ae1        5 months ago        41.6MB

最终发现我们想要的k8s.gcr.io/coredns:1.6.5镜像被成功下载下来了!

最后要记得:
确定imagePullPolicy镜像下载策略是IfNotPresent,即本地有镜像则使用本地镜像,不拉取!
或者将下载好的镜像放到harbor私有仓库里,然后将image下载地址指向harbor仓库地址。

以上总结三个步骤:

# docker pull registry.aliyuncs.com/google_containers/coredns:1.6.5
# docker tag registry.aliyuncs.com/google_containers/coredns:1.6.5 k8s.gcr.io/coredns:1.6.5
# docker rmi registry.aliyuncs.com/google_containers/coredns:1.6.5
posted @ 2020-04-26 11:26  散尽浮华  阅读(34399)  评论(4编辑  收藏  举报