搭建私有仓库(registry)
$ docker pull registry
//通过-v参数来映射本地的路径到容器内
$ docker run -d -p 5000:5000 --restart always --name registry registry:2 -v [本地路径]:/var/lib/registry
假设有一个ubuntu的image,现在将它上传到私有仓库
$ docker tag ubuntu localhost:5000/ubuntu
$ docker push localhost:5000/ubuntu
$ curl http://localhost:5000/v2/_catalog
minikube从私有仓库拉取docker镜像
启动minikube时指定私有仓库
(注意:如果minikube已经创建过、则需要先minikube delete 再执行下述语句)
$ minikube start --registry-mirror=https://registry.docker-cn.com --insecure-registry=192.168.43.68:5000
验证:
$ minikube ssh
$ curl http://:/v2/_catalog
ERROR SHEET
排查:minikube拉取私有仓库失败
参考:https://www.cnblogs.com/lkun/p/7990466.html
现象:使用kubectl create -f xxxx.yaml创建镜像,镜像文件如下:
apiVersion: v1
kind: Pod
metadata:
name: kubia-manual
spec:
containers:
- image: 192.168.43.68:5000/kubia #tag=registry_ip:5000/kubia
name: kubia
ports:
- containerPort: 8080
protocol: TCP
此时使用kubectl get pods查看容器运行情况,发现报错:容器下载出错
排查思路:怀疑minikube中的docker指令pull报错,因此考虑先进到minikube中查看docker pull的运行结果
$ minikube ssh
$ docker pull 192.168.43.68:5000/kubia #在registry中已经准备好带有tag的image
# 此时有报错:http: server gave HTTP response to HTTPS client
$ sudo vi /usr/lib/systemd/system/docker.service
在ExecStart=的语句最后添加:--insecure-registry registry_ip:5000
$ systemctl daemon-reload
$ systemctl restart docker
# 推荐delete minikube,并在启动minikube时指定私有仓库,这样可以在重启minikube后依然保持生效