1、检查/etc/hosts是否配置了harbor域名解析;
2、检查/etc/docker/daemon.json是否按harbor域名配置了不安全访问方式insecure-registries;
3、若创建http密钥时能验证通过,但在创建pod时无法读取harbor中的镜像信息,则:
修改coredns
kubectl -n kube-system edit cm coredns
在Corefile下面修改
对应hosts文件的harbor的地址映射信息
apiVersion: v1
data:
Corefile: |
.:53 {
errors
health {
lameduck 5s
}
ready
kubernetes cluster.local in-addr.arpa ip6.arpa {
pods insecure
fallthrough in-addr.arpa ip6.arpa
ttl 30
}
#此处hosts为新增内容
hosts {
10.28.25.76 harbor.xugu.com
fallthrough
}
prometheus :9153
forward . /etc/resolv.conf {
max_concurrent 1000
}
cache 30
loop
reload
loadbalance
}
kind: ConfigMap
metadata:
creationTimestamp: 2024-08-05T02:17:54Z
name: coredns
namespace: kube-system
resourceVersion: "227239"
uid: b4417850-ca8e-4662-b645-8abcf1610c4f
删除旧的coredns的pod,系统会自动启用新的dns
kubectl delete -n kube-system pod `kubectl get pod -A|grep dns|awk '{print $2}'`
查看新的coredns的pod
kubectl get pod -A|grep dns
安装工具包验证域名问题
yum -y install bind-utils
验证node1的域名解析
nslookup xg-ljc-node1 ` kubectl get svc -A|grep dns|awk '{print $4}'`