Kubernetes(K8S) Deployment 拉取阿里云镜像部署

Docker Image 推到阿里云仓库,可以看 SpringBoot Docker 发布到 阿里仓库

1. 阿里镜像仓库加了授权,所以 K8S 拉之前要做下授权处理

[root@k8smaster ~]# kubectl create secret docker-registry registry-demo  \
    --namespace=default \
    --docker-server=registry.cn-shanghai.aliyuncs.com \
    --docker-username=hi帐户ID@aliyun.com \
    --docker-password=vipsoft \
    --docker-email=xxxxx@qq.com
secret/registry-demo created
[root@k8smaster ~]# kubectl get secrets 
NAME                  TYPE                                  DATA   AGE
default-token-q7lps   kubernetes.io/service-account-token   3      5d17h
registry-demo         kubernetes.io/dockerconfigjson        1      2m53s 
[root@k8smaster ~]# kubectl describe secrets registry-demo 
Name:         registry-demo
Namespace:    default
Labels:       <none>
Annotations:  <none>

Type:  kubernetes.io/dockerconfigjson

Data
====
.dockerconfigjson:  196 bytes
[root@k8smaster ~]#  

解释说明:

[root@k8smaster ~]# kubectl create secret docker-registry registry-demo  \ #创建类型为:docker-registry的secrets名称为registry-demo                 
    --namespace=default \  # K8S 的命名空间,非阿里云仓库的命名空间,值 default 可不写,默认为 default, 不同Namespace,在创建secrets时需要指定Namespace,
    --docker-server=registry.cn-shanghai.aliyuncs.com \  #阿里云镜像仓库,公网地址
    --docker-username=hi帐户ID@aliyun.com \   #阿里云的帐号
    --docker-password=vipsoft \              #仓库的密码,在 仓库管理-> 访问凭证中可设置
    --docker-email=xxxx@qq.com               # 用户邮箱
[root@k8smaster ~]# kubectl get secret registry-demo -o yaml #查看secret详细信息

2. 生成 yaml ,并修改yaml 配置 imagePullSecrets,否则后面会报 ImagePullBackOff,拉取需要登录 requested access to the resource is denied

K8S 拉取镜像 ImagePullBackOff pull access denied

[root@k8smaster ~]# kubectl create deployment javademo1 --image=registry.cn-shanghai.aliyuncs.com/vipsoft/vipsoft:1.0 --dry-run -o yaml > javademo1.yaml
W1018 18:49:33.112150   62765 helpers.go:535] --dry-run is deprecated and can be replaced with --dry-run=client.
[root@k8smaster ~]# vi javademo1.yaml 
apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    app: javademo1
  name: javademo1
spec:
  replicas: 1
  selector:
    matchLabels:
      app: javademo1
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: javademo1
    spec:
      containers:
      - image: registry.cn-shanghai.aliyuncs.com/vipsoft/vipsoft:1.0
        name: vipsoft
        resources: {}
      imagePullSecrets:
      - name: registry-demo
status: {}

3. 创建容器

[root@k8smaster ~]# kubectl apply -f javademo1.yaml 
deployment.apps/javademo1 created  
[root@k8smaster ~]# kubectl get pods
NAME                         READY   STATUS              RESTARTS   AGE 
javademo1-84dd5c9485-8ckk6   0/1     ContainerCreating   0          6s
nginx-f89759699-5hkdw        1/1     Running             0          5d17h 
[root@k8smaster ~]# kubectl get pods
NAME                         READY   STATUS    RESTARTS   AGE
javademo1-84dd5c9485-8ckk6   1/1     Running   0          65s
nginx-f89759699-5hkdw        1/1     Running   0          5d17h
[root@k8smaster ~]# kubectl get pods -o wide
NAME                         READY   STATUS    RESTARTS   AGE     IP           NODE       NOMINATED NODE   READINESS GATES
javademo1-84dd5c9485-8ckk6   1/1     Running   0          111s    10.244.1.4   k8snode1   <none>           <none>
nginx-f89759699-5hkdw        1/1     Running   0          5d17h   10.244.2.2   k8snode2   <none>           <none>
[root@k8smaster ~]# kubectl scale deployment javademo1 --replicas=3  # 扩容3个服务
deployment.apps/javademo1 scaled
[root@k8smaster ~]# kubectl get pods -o wide
NAME                         READY   STATUS             RESTARTS   AGE     IP           NODE       NOMINATED NODE   READINESS GATES
javademo1-84dd5c9485-7vgkr   0/1     ImagePullBackOff   0          16s     10.244.2.6   k8snode2   <none>           <none>
javademo1-84dd5c9485-8ckk6   1/1     Running            0          6m21s   10.244.1.4   k8snode1   <none>           <none>
javademo1-84dd5c9485-8hfmd   0/1     ImagePullBackOff   0          16s     10.244.2.7   k8snode2   <none>           <none>
nginx-f89759699-5hkdw        1/1     Running            0          5d17h   10.244.2.2   k8snode2   <none>           <none>
[root@k8smaster ~]# kubectl get pods -o wide
NAME                         READY   STATUS    RESTARTS   AGE     IP           NODE       NOMINATED NODE   READINESS GATES
javademo1-84dd5c9485-7vgkr   1/1     Running   0          58s     10.244.2.6   k8snode2   <none>           <none>
javademo1-84dd5c9485-8ckk6   1/1     Running   0          7m3s    10.244.1.4   k8snode1   <none>           <none>
javademo1-84dd5c9485-8hfmd   1/1     Running   0          58s     10.244.2.7   k8snode2   <none>           <none>
nginx-f89759699-5hkdw        1/1     Running   0          5d17h   10.244.2.2   k8snode2   <none>           <none>
[root@k8smaster ~]# kubectl expose deployment javademo1 --port=8111 --target-port=8111 --type=NodePort   # 对外暴露端口,不然不能访问
service/javademo1 exposed
[root@k8smaster ~]# kubectl get svc #查看 service 的运行状态
NAME         TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)          AGE
javademo1    NodePort    10.106.43.46   <none>        8111:31452/TCP   25s
kubernetes   ClusterIP   10.96.0.1      <none>        443/TCP          5d17h
nginx        NodePort    10.103.87.81   <none>        80:30339/TCP     5d17h
[root@k8smaster ~]# 

4. 测试

 5. 补充

CrashLoopBackOff 容器退出,kubelet正在将它重启
InvalidImageName 无法解析镜像名称
ImageInspectError 无法校验镜像
ErrImageNeverPul 策略禁止拉取镜像
ImagePullBackOff 正在重试拉取
RegistryUnavailable 连接不到镜像中心
ErrImagePull 通用的拉取镜像出错
CreateContainerConfigError 不能创建kubelet使用的容器配置
CreateContainerError 创建容器失败
m.internalLifecycle.PreStartContainer 执行hook报错
RunContainerError 启动容器失败
PostStartHookError 执行hook报错
ContainersNotInitialized 容器没有初始化完毕
ContainersNotReady 容器没有准备完毕
ContainerCreating 容器创建中
PodInitializing pod初始化中
DockerDaemonNotReady docker还没有完全启动
NetworkPluginNotReady 网络插件还没有完全启动
Evicted 即驱赶的意思,意思是当节点出现异常时,kubernetes将有相应的机制驱赶该节点上的Pod。多见于资源不足时导致的驱赶。

 

posted @ 2022-10-19 11:10  VipSoft  阅读(3170)  评论(1编辑  收藏  举报