Docker Image 推到阿里云仓库,可以看 SpringBoot Docker 发布到 阿里仓库
1. 阿里镜像仓库加了授权,所以 K8S 拉之前要做下授权处理
[root@k8smaster ~]# kubectl create secret docker-registry registry-demo \ --namespace=default \ --docker-server=registry.cn-shanghai.aliyuncs.com \ --docker-username=hi帐户ID@aliyun.com \ --docker-password=vipsoft \ --docker-email=xxxxx@qq.com secret/registry-demo created [root@k8smaster ~]# kubectl get secrets NAME TYPE DATA AGE default-token-q7lps kubernetes.io/service-account-token 3 5d17h registry-demo kubernetes.io/dockerconfigjson 1 2m53s [root@k8smaster ~]# kubectl describe secrets registry-demo Name: registry-demo Namespace: default Labels: <none> Annotations: <none> Type: kubernetes.io/dockerconfigjson Data ==== .dockerconfigjson: 196 bytes [root@k8smaster ~]#
解释说明:
[root@k8smaster ~]# kubectl create secret docker-registry registry-demo \ #创建类型为:docker-registry的secrets名称为registry-demo --namespace=default \ # K8S 的命名空间,非阿里云仓库的命名空间,值 default 可不写,默认为 default, 不同Namespace,在创建secrets时需要指定Namespace, --docker-server=registry.cn-shanghai.aliyuncs.com \ #阿里云镜像仓库,公网地址 --docker-username=hi帐户ID@aliyun.com \ #阿里云的帐号 --docker-password=vipsoft \ #仓库的密码,在 仓库管理-> 访问凭证中可设置 --docker-email=xxxx@qq.com # 用户邮箱 [root@k8smaster ~]# kubectl get secret registry-demo -o yaml #查看secret详细信息
2. 生成 yaml ,并修改yaml 配置 imagePullSecrets,否则后面会报 ImagePullBackOff,拉取需要登录 requested access to the resource is denied
K8S 拉取镜像 ImagePullBackOff pull access denied
[root@k8smaster ~]# kubectl create deployment javademo1 --image=registry.cn-shanghai.aliyuncs.com/vipsoft/vipsoft:1.0 --dry-run -o yaml > javademo1.yaml W1018 18:49:33.112150 62765 helpers.go:535] --dry-run is deprecated and can be replaced with --dry-run=client. [root@k8smaster ~]# vi javademo1.yaml apiVersion: apps/v1 kind: Deployment metadata: creationTimestamp: null labels: app: javademo1 name: javademo1 spec: replicas: 1 selector: matchLabels: app: javademo1 strategy: {} template: metadata: creationTimestamp: null labels: app: javademo1 spec: containers: - image: registry.cn-shanghai.aliyuncs.com/vipsoft/vipsoft:1.0 name: vipsoft resources: {} imagePullSecrets: - name: registry-demo status: {}
3. 创建容器
[root@k8smaster ~]# kubectl apply -f javademo1.yaml deployment.apps/javademo1 created [root@k8smaster ~]# kubectl get pods NAME READY STATUS RESTARTS AGE javademo1-84dd5c9485-8ckk6 0/1 ContainerCreating 0 6s nginx-f89759699-5hkdw 1/1 Running 0 5d17h [root@k8smaster ~]# kubectl get pods NAME READY STATUS RESTARTS AGE javademo1-84dd5c9485-8ckk6 1/1 Running 0 65s nginx-f89759699-5hkdw 1/1 Running 0 5d17h [root@k8smaster ~]# kubectl get pods -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES javademo1-84dd5c9485-8ckk6 1/1 Running 0 111s 10.244.1.4 k8snode1 <none> <none> nginx-f89759699-5hkdw 1/1 Running 0 5d17h 10.244.2.2 k8snode2 <none> <none> [root@k8smaster ~]# kubectl scale deployment javademo1 --replicas=3 # 扩容3个服务 deployment.apps/javademo1 scaled [root@k8smaster ~]# kubectl get pods -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES javademo1-84dd5c9485-7vgkr 0/1 ImagePullBackOff 0 16s 10.244.2.6 k8snode2 <none> <none> javademo1-84dd5c9485-8ckk6 1/1 Running 0 6m21s 10.244.1.4 k8snode1 <none> <none> javademo1-84dd5c9485-8hfmd 0/1 ImagePullBackOff 0 16s 10.244.2.7 k8snode2 <none> <none> nginx-f89759699-5hkdw 1/1 Running 0 5d17h 10.244.2.2 k8snode2 <none> <none> [root@k8smaster ~]# kubectl get pods -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES javademo1-84dd5c9485-7vgkr 1/1 Running 0 58s 10.244.2.6 k8snode2 <none> <none> javademo1-84dd5c9485-8ckk6 1/1 Running 0 7m3s 10.244.1.4 k8snode1 <none> <none> javademo1-84dd5c9485-8hfmd 1/1 Running 0 58s 10.244.2.7 k8snode2 <none> <none> nginx-f89759699-5hkdw 1/1 Running 0 5d17h 10.244.2.2 k8snode2 <none> <none> [root@k8smaster ~]# kubectl expose deployment javademo1 --port=8111 --target-port=8111 --type=NodePort # 对外暴露端口,不然不能访问 service/javademo1 exposed [root@k8smaster ~]# kubectl get svc #查看 service 的运行状态 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE javademo1 NodePort 10.106.43.46 <none> 8111:31452/TCP 25s kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 5d17h nginx NodePort 10.103.87.81 <none> 80:30339/TCP 5d17h [root@k8smaster ~]#
4. 测试
5. 补充
| CrashLoopBackOff | 容器退出,kubelet正在将它重启 |
| InvalidImageName | 无法解析镜像名称 |
| ImageInspectError | 无法校验镜像 |
| ErrImageNeverPul | 策略禁止拉取镜像 |
| ImagePullBackOff | 正在重试拉取 |
| RegistryUnavailable | 连接不到镜像中心 |
| ErrImagePull | 通用的拉取镜像出错 |
| CreateContainerConfigError | 不能创建kubelet使用的容器配置 |
| CreateContainerError | 创建容器失败 |
| m.internalLifecycle.PreStartContainer | 执行hook报错 |
| RunContainerError | 启动容器失败 |
| PostStartHookError | 执行hook报错 |
| ContainersNotInitialized | 容器没有初始化完毕 |
| ContainersNotReady | 容器没有准备完毕 |
| ContainerCreating | 容器创建中 |
| PodInitializing | pod初始化中 |
| DockerDaemonNotReady | docker还没有完全启动 |
| NetworkPluginNotReady | 网络插件还没有完全启动 |
| Evicted | 即驱赶的意思,意思是当节点出现异常时,kubernetes将有相应的机制驱赶该节点上的Pod。多见于资源不足时导致的驱赶。 |
