K8S基本操作-42-K8S 選擇映像檔來源

February 7, 2024

建立一個 Secret 用於儲存映像檔專用

假定我們映像檔來源如下:

Name: private-reg-cred
Username: dock_user
Password: dock_password
Server: myprivateregistry.com:5000
Email: dock_user@myprivateregistry.com

我們以此用以下指令建立一個專用的 secret 儲存映像檔伺服器與登入資訊:

kubectl create secret docker-registry private-reg-cred  --docker-username=dock_user --docker-password=dock_password --docker-server=myprivateregistry.com:5000 --docker-email=dock_user@myprivateregistry.com

接著就能在建立 Deployment 的時候使用這個設置了:

apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "1"
  creationTimestamp: "2024-02-07T07:42:35Z"
  generation: 1
  labels:
    app: web
  name: web
  namespace: default
  resourceVersion: "2478"
  uid: 79c83f92-67f5-49bd-a372-25dd2bbd5a5d
spec:
  progressDeadlineSeconds: 600
  replicas: 2
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: web
  strategy:
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: web
    spec:
      imagePullSecrets:
      - name: private-reg-cred
      containers:
      - image: nginx:alpine
        imagePullPolicy: IfNotPresent
        name: nginx
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30