kaniko介绍
官网:https://github.com/GoogleContainerTools/kaniko
参考:http://dockone.io:82/article/4933
与Jenkins对比:https://yq.aliyun.com/ask/494251/?order=vote_num&p=1
在K8S中运行
apiVersion: v1
kind: Secret
metadata:
name: kaniko-secret
type: kubernetes.io/basic-auth
stringData:
username: [destination对应镜像仓库账号]
password: [destination对应镜像仓库密码]
---
apiVersion: v1
kind: Pod
metadata:
name: kaniko
spec:
nodeSelector:
kubernetes.io/hostname: prod-l27-4-23
containers:
- name: kaniko
image: registry.cn-hangzhou.aliyuncs.com/shenshouer/tektoncd-executor:latest
args:
- --dockerfile=/root/kaniko-test/context/Dockerfile
- --context=/root/kaniko-test/context
- --tarPath=/root/kaniko-test/context/context.tar
- --destination=registry.cn-hangzhou.aliyuncs.com/shenshouer/ayena:test
volumeMounts:
- name: kaniko-secret
mountPath: /secret
- name: context-data
mountPath: /root/kaniko-test/context
env:
- name: GOOGLE_APPLICATION_CREDENTIALS
value: /secret/kaniko-secret.json
restartPolicy: Never
volumes:
- name: context-data
hostPath:
path: /root/kaniko-test/context
type: Directory
- name: kaniko-secret
secret:
secretName: kaniko-secret
在Docker中运行
docker rm -f kaniko
docker run --name kaniko \
-v $HOME/.docker/:/kaniko/.docker \
-v `pwd`:/workspace \
registry.cn-hangzhou.aliyuncs.com/shenshouer/tektoncd-executor:latest \
--dockerfile /workspace/Dockerfile \
--destination registry.cn-hangzhou.aliyuncs.com/shenshouer/ayena:test \
--context dir:///workspace/
注意:认证信息需要挂载-v $HOME/.docker/:/kaniko/.docker