Kubernetes私有注册表(gitlab)在不同节点上的镜像

时间:2019-05-17 07:50:16

标签: docker kubernetes gitlab gitlab-ci kubernetes-helm

我有一个带有2个节点的Kubernetes集群。现在,当我使用Gitlab CI部署到群集时,它将正常部署应用程序。

但是当我将cronjob服务添加到Gitlab CI使用的图表(helm图表)时,该服务使用与应用程序相同的图像。它运行在同时部署了应用程序本身的节点上,而不是在另一个节点上。

错误:

Failed to pull image "gitlab.example.nl:4567/v2/namespace/project/manifests/0998034a-ae44-457e-bb5e-3d3304a2fc54": rpc error: code = Unknown desc = Error response from daemon: Get https://gitlab.example.nl:4567/v2/namespace/project/manifests/0998034a-ae44-457e-bb5e-3d3304a2fc54: unauthorized: HTTP Basic: Access denied

更改了不公开公司的网址

示例:

Node1:
Does not run cronjob, because it cannot pull the image.

Node2:
Runs application normally
Runs cronjobs normally

部署和cronjob图表都具有ImagePullSecrets属性,我将令牌的有效时间设置为15分钟

k8s仪表板示例 k8s image

Cronjob.yaml(舵图)

apiVersion: batch/v1beta1
kind: CronJob
metadata:
  name: {{ template "trackableappname" . }}-cron
spec:
  schedule: "*/1 * * * *"
  jobTemplate:
    spec:
      template:
        spec:
          imagePullSecrets:
{{ toYaml .Values.image_fpm.secrets | indent 12 }}
          volumes:
            - name: appdir
              emptyDir: {}
            {{- if .Values.storage.enabled }}
            - name: cron-{{ .Values.storage.name }}-pv-storage
              persistentVolumeClaim:
                claimName: {{ .Values.storage.name }}-pv-claim
            {{- end }}
            - name: secrets
              secret:
                secretName: environment-file
          containers:
            - name: fpm-{{ .Chart.Name }}-cronjob
              image: "{{ .Values.image_fpm.repository }}:{{ .Values.image_fpm.tag }}"
              imagePullPolicy: {{ .Values.image_fpm.pullPolicy }}
              command: ["/bin/sh"]
              args: ["-c", "{{ .Values.application.cronCommand }}"]
              volumeMounts:
              - name: appdir
                mountPath: /var/www/html
              {{- if .Values.storage.enabled }}
              - name: cron-{{ .Values.storage.name }}-pv-storage
                mountPath: /var/www/html/storage
              {{- end }}
              - name: secrets
                mountPath: /var/secrets
              {{- if .Values.application.secretName }}
              envFrom:
              - secretRef:
                  name: {{ .Values.application.secretName }}
              {{- end }}
              env:
                - name: "APP_DEBUG"
                  value: "false"
                - name: ENVIRONMENT_FILE
                  valueFrom:
                    secretKeyRef:
                      name: environment-file
                      key: ENVIRONMENT_FILE
          initContainers:
            - name: copy-{{ .Chart.Name }}-cronjob
              image: "{{ .Values.image_workspace.repository }}:{{ .Values.image_workspace.tag }}"
              command: ["/bin/sh"]
              args: ["-c", "{{ .Values.application.initCommand }}"]
              env:
                - name: ENVIRONMENT_FILE
                  valueFrom:
                    secretKeyRef:
                      name: environment-file
                      key: ENVIRONMENT_FILE
              volumeMounts:
                - name: appdir
                  mountPath: /var/www/application
              imagePullPolicy: {{ .Values.image_fpm.pullPolicy }}
          restartPolicy: OnFailure

0 个答案:

没有答案
相关问题
最新问题