kubernetes:容器没有使用私有注册表

时间:2015-11-23 09:56:51

标签: docker kubernetes

我在debian上运行了kubernetes 1.1.1的工作安装

我还有一个私人注册表在v2中运行良好..

我面临一个奇怪的问题。

在主人

中定义一个pod

apiVersion:v1 亲切:Pod 元数据: 名称:nginx 标签: app:nginx 规格: 容器: - 名称:nginx image:docker-registry.hiberus.com:5000/debian:ssh imagePullSecrets: - name:myregistrykey

我也有我主人的秘密 myregistrykey kubernetes.io/dockercfg 1 44m

我的config.json是这样的

{
"auths": {
"https://docker-registry.hiberus.com:5000": {
"auth": "anNhdXJhOmpzYXVyYQ==",
"email": "jsaura@heraldo.es"
}
}
}

所以我做了base64并创建了我的秘密。

简单如地狱

在我的节点上,图像被拉出没有任何问题

docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
docker-registry.hiberus.com:5000/debian ssh 3b332951c107 29 minutes ago 183.3 MB
golang 1.4 2819d1d84442 7 days ago 562.7 MB
debian latest 91bac885982d 8 days ago 125.1 MB
gcr.io/google_containers/pause 0.8.0 2c40b0526b63 7 months ago 241.7 kB

但我的容器无法启动

./kubectl describe pod nginx
Name: nginx
Namespace: default
Image(s): docker-registry.hiberus.com:5000/debian:ssh
Node: 192.168.29.122/192.168.29.122
Start Time: Wed, 18 Nov 2015 17:08:53 +0100
Labels: app=nginx
Status: Running
Reason:
Message:
IP: 172.17.0.2
Replication Controllers: 
Containers:
nginx:
Container ID: docker://3e55ab118a3e5d01d3c58361abb1b23483d41be06741ce747d4c20f5abfeb15f
Image: docker-registry.hiberus.com:5000/debian:ssh
Image ID: docker://3b332951c1070ba2d7a3bb439787a8169fe503ed8984bcefd0d6c273d22d4370
State: Waiting
Reason: CrashLoopBackOff
Last Termination State: Terminated
Reason: Error
Exit Code: 0
Started: Wed, 18 Nov 2015 17:08:59 +0100
Finished: Wed, 18 Nov 2015 17:08:59 +0100
Ready: False
Restart Count: 2
Environment Variables:
Conditions:
Type Status
Ready False
Volumes:
default-token-ha0i4:
Type: Secret (a secret that should populate this volume)
SecretName: default-token-ha0i4
Events:
FirstSeen LastSeen Count From SubobjectPath Reason Message
───────── ──────── ───── ──── ───────────── ────── ───────
16s 16s 1 {kubelet 192.168.29.122} implicitly required container POD Created Created with docker id 4a063be27162
16s 16s 1 {kubelet 192.168.29.122} implicitly required container POD Pulled Container image "gcr.io/google_containers/pause:0.8.0" already present on machine
16s 16s 1 {kubelet 192.168.29.122} implicitly required container POD Started Started with docker id 4a063be27162
16s 16s 1 {kubelet 192.168.29.122} spec.containers{nginx} Pulling Pulling image "docker-registry.hiberus.com:5000/debian:ssh"
15s 15s 1 {scheduler } Scheduled Successfully assigned nginx to 192.168.29.122
11s 11s 1 {kubelet 192.168.29.122} spec.containers{nginx} Created Created with docker id 36df2dc8b999
11s 11s 1 {kubelet 192.168.29.122} spec.containers{nginx} Pulled Successfully pulled image "docker-registry.hiberus.com:5000/debian:ssh"
11s 11s 1 {kubelet 192.168.29.122} spec.containers{nginx} Started Started with docker id 36df2dc8b999
10s 10s 1 {kubelet 192.168.29.122} spec.containers{nginx} Pulled Container image "docker-registry.hiberus.com:5000/debian:ssh" already present on machine
10s 10s 1 {kubelet 192.168.29.122} spec.containers{nginx} Created Created with docker id 3e55ab118a3e
10s 10s 1 {kubelet 192.168.29.122} spec.containers{nginx} Started Started with docker id 3e55ab118a3e
5s 5s 1 {kubelet 192.168.29.122} spec.containers{nginx} Backoff Back-off restarting failed docker container

它在内部循环尝试启动但它永远不会

奇怪的是,如果我在我的节点上手动执行运行命令,容器启动没有任何问题,但使用pod拉动图像但从未启动..

我做错了吗?

如果我为我的pod使用公共图像,它会毫无问题地启动..这只会在我使用私有图像时发生..

我也从debian转到了ubuntu,没有运气同样的问题

我还将秘密链接到默认服务帐户,仍然没有运气

克隆最后一个git版本,编译,没有运气..

对我来说很明显,问题是使用私人注册表,但我已经申请并遵循了我读过的所有信息,但仍然没有运气。

1 个答案:

答案 0 :(得分:0)

如果Docker容器的主进程已退出,则可以退出。 您可以共享容器日志吗?

  1. 如果您执行docker ps -a,则应该看到所有正在运行和退出的容器
  2. 运行docker container logs container_id

还尝试以交互方式和守护程序模式运行容器,看看它是否仅在守护程序模式下失败。

以守护程序模式运行-

  

docker run -d -t Image_name

以交互模式运行-

  

docker run -it Image_name

对于交互式守护程序模式docker run -idt Image_name

引荐-Why docker container exits immediately