需求:以yaml文件格式的方式来创建能够拉取harbor镜像的secret.
然后在pod中引用
-
docker login -u USERNAME -pPASSWORD HARBORSERVER #以这种方式先成功登陆到harbor仓库
-
cat ~/.docker/config.json | base64 -w 0 #然后登陆信息会保存到如上的json格式文件里.我们通过base64编码工具,将其再进行转换
-
vim pull.image.secret.yaml apiVersion: v1 data: .dockerconfigjson: ewoJImF1dGhzIjogewoJCSIxMC4xMC4xMS40MDo4MCI6IHsKCQkJImF1dGgiOiAiY1dsaGIzbHBibWM2Um05ellXWmxjaTVqYjIweU1ERTQiCgkJfQoJfSwKCSJIdHRwSGVhZGVycyI6IHsKCQkiVXNlci1BZ2VudCI6ICJEb2NrZXItQ2xpZW50LzE5LjAzLjYgKGxpbnV4KSIKCX0KfQ== #如上这串字符是2输出的字符串 kind: Secret metadata: name: 40harbor-secret namespace: duowei type: kubernetes.io/dockerconfigjson #必须为该type
-
deployment引用的时候,在Deployment.spec.template.spec.imagePullSecrets,添加
imagePullSecrets: - name: 40harbor-secret