环境信息:
k3s version v1.25.2+k3s1 (53c268d8)
节点 CPU 架构、操作系统和版本::
Linux master 3.10.0-1160.71.1.el7.x86_64 #1 SMP Tue Jun 28 15:37:28 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
集群配置:
1 servers问题描述:
k3s containerd 不能使用本地镜像复现步骤:
安装 K3s 的命令:
预期结果:
实际结果:
附加上下文/日志:
日志
``Docker ”: failed to resolve reference “Docker ”: pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed
1 个赞
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-dep
spec:
selector:
matchLabels:
app: nginx-dep-lab
replicas: 1
template:
metadata:
labels:
app: nginx-dep-lab
spec:
containers:
- name: nginxctn
image: docker.io/library/alpine-php8-nginx:3.16-8-1.22
imagePullPolicy: IfNotPresent
#command: ['/bin/sh','-c','cat /etc/nginx/nginx.conf']
ports:
- containerPort: 80
resources:
requests:
memory: "16Mi"
cpu: "10m"
limits:
memory: "64Mi"
cpu: "20m"
livenessProbe:
initialDelaySeconds: 10 #延迟检测时间
periodSeconds: 5 #检测时间间隔
tcpSocket:
port: 80
readinessProbe:
initialDelaySeconds: 20
periodSeconds: 5
timeoutSeconds: 10
tcpSocket:
port: 80
startupProbe:
httpGet:
path: /hostip.php
port: 80
failureThreshold: 60
initialDelaySeconds: 5
periodSeconds: 5
volumeMounts:
- name: nginx-html # 挂载数据卷 (要跟下面的 name 名字相同)
mountPath: /etc/nginx/html/ # 容器内的挂载路径
- name: nginx-logs # 挂载数据卷 (要跟下面的 name 名字相同)
mountPath: /etc/nginx/logs/ # 容器内的挂载路径
- name: nginx-conf-n # 挂载数据卷 (要跟下面的 name 名字相同)
mountPath: /etc/nginx/nginx.conf # 容器内的挂载路径
subPath: nginx.conf
- name: www-conf-n # 挂载数据卷 (要跟下面的 name 名字相同)
mountPath: /etc/php8/php-fpm.d/www.conf # 容器内的挂载路径
subPath: www.conf
volumes:
- name: nginx-conf-n
configMap:
name: nginx-conf
items:
- key: nginx.conf
path: nginx.conf
- name: www-conf-n
configMap:
name: www-conf
items:
- key: www.conf
path: www.conf
- name: nginx-html
hostPath:
# directory location on host 绑定的节点的文件路径
path: /data/nginxconf/html/
# this field is optional 此路径类型为必须存在
type: Directory
- name: nginx-logs
hostPath:
# directory location on host 绑定的节点的文件路径
path: /data/nginxconf/logs/
# this field is optional 此路径类型为必须存在
type: Directory
restartPolicy: Always
ksd
2023 年2 月 22 日 06:49
5
首先, ctr 是 containerd 自带的工具,有命名空间的概念,如果是 k8s 相关的镜像,都默认在 k8s.io 这个命名空间中,所以导入镜像时需要指定命令空间为 k8s.io:
ctr -n k8s.io image import epinio-unpacker.tar.gz
然后你就可以通过 crictl images 或 ctr -n k8s.io i list 来查看你导入的镜像
另外,如果你的主机已经安装了 docker,一般会自动帮你安装 ctr 。再次安装 K3s 的时候,因为环境变量中已经存在了 ctr,所以k3s将不会帮你自动安装 ctr,可以从安装k3s的日志从看到:
root@k3s1:~# curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn sh -
[INFO] Finding release for channel stable
[INFO] Using v1.25.6+k3s1 as release
[INFO] Downloading hash rancher-mirror.rancher.cn/k3s/v1.25.6-k3s1/sha256sum-amd64.txt
[INFO] Downloading binary rancher-mirror.rancher.cn/k3s/v1.25.6-k3s1/k3s
[INFO] Verifying binary download
[INFO] Installing k3s to /usr/local/bin/k3s
[INFO] Skipping installation of SELinux RPM
[INFO] Creating /usr/local/bin/kubectl symlink to k3s
[INFO] Creating /usr/local/bin/crictl symlink to k3s
[INFO] Skipping /usr/local/bin/ctr symlink to k3s, command exists in PATH at /usr/bin/ctr
[INFO] Creating killall script /usr/local/bin/k3s-killall.sh
[INFO] Creating uninstall script /usr/local/bin/k3s-uninstall.sh
[INFO] env: Creating environment file /etc/systemd/system/k3s.service.env
[INFO] systemd: Creating service file /etc/systemd/system/k3s.service
[INFO] systemd: Enabling k3s unit
Created symlink /etc/systemd/system/multi-user.target.wants/k3s.service → /etc/systemd/system/k3s.service.
[INFO] systemd: Starting k3s
如果这种情况,你使用 ctr 来查询镜像,你查的并不是 k3s 中的镜像,针对这种情况,你需要使用如下命令去导入镜像和查询镜像;
k3s ctr -n k8s.io image import epinio-unpacker.tar.gz
k3s ctr -n k8s.io images ls
