从 Bitbucket 部署到 Azure AKS 失败

时间:2021-05-09 11:27:09

标签: azure docker kubernetes bitbucket azure-aks

我创建了一个 Bitbucket 管道并尝试将基本 pod 部署到 Azure AKS。 bitbucket-pipelines.yml 在下面;

image: atlassian/default-image:2

options:
  docker: true
pipelines:
  default:
    - step:
        name: Docker login
        caches:
           - docker
        script:
          - docker login -u $DOCKERHUB_USER -p $DOCKERHUB_PASSWORD
    - step:
        name: "Deploy to PROD"
        deployment: production
        script:
          - pipe: microsoft/azure-aks-deploy:1.0.0
            variables:
              AZURE_APP_ID: $AZURE_APP_ID
              AZURE_PASSWORD: $AZURE_PASSWORD
              AZURE_TENANT_ID: $AZURE_TENANT_ID
              AZURE_AKS_NAME: "demo-aks"
              AZURE_RESOURCE_GROUP: "demo-rg"
              KUBECTL_COMMAND: 'apply'
              KUBERNETES_SPEC_FILE: 'test.yaml'

和test.yaml文件在下面;

apiVersion: v1
kind: Pod
metadata:
  name: test
  labels:
    app: test
spec:
  containers:
  - name: test
    image: myrepository/test:1234
    command: ["/bin/sleep", "3650d"]
    imagePullPolicy: IfNotPresent
  restartPolicy: Always

“kubectl apply -f test-yaml”命令似乎已成功执行,并且正在尝试创建 pod,但出现“docker login”错误。

  Warning  Failed     9s (x2 over 24s)   kubelet            Failed to pull image "myrepository/test:1234": rpc error: code = Unknown desc = Error response from daemon: pull access denied for myrepository/test, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
  Warning  Failed     9s (x2 over 24s)   kubelet            Error: ErrImagePul

Docker 用户和传递变量已经添加并且它们是正确的。不知道问题出在哪里。 谢谢!

1 个答案:

答案 0 :(得分:3)

您是否在 AKS 中创建了正确的 Docker 凭据? 如果您确定 docker login 是正确的,那么在 AKS 中创建以下机密:

kubectl create secret generic regcred \
    --from-file=.dockerconfigjson=<path/to/.docker/config.json> \
    --type=kubernetes.io/dockerconfigjson

其中 <path/to/.docker/config.json> 通常是 ~/.docker/config.json(当然您需要能够从您的机器访问该存储库)。

然后,在您的 pod 定义中引用这个秘密凭证:

  imagePullSecrets:
  - name: regcred

使用您的示例:

apiVersion: v1
kind: Pod
metadata:
  name: test
  labels:
    app: test
spec:
  containers:
  - name: test
    image: myrepository/test:1234
    command: ["/bin/sleep", "3650d"]
    imagePullPolicy: IfNotPresent
  imagePullSecrets:
  - name: regcred
  restartPolicy: Always

AKS 可以轻松地从公共 Docker Hub 存储库或 Azure ACR(Azure 容器注册表)中提取图像,但要连接到私有 Docker Hub,您需要提供正确的连接数据。

参考:https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

相关问题
最新问题