K8s集群中设置harbor仓库认证

一,获取harbor的登陆用户名和密码(demo_user/demo_pwd)

 

二,使用kubectl命令生成secret(不同的namespace要分别生成secret,不共用)

kubectl create secret docker-registry harborsecret \
    --docker-server=harbor.xxxx.com.cn \
    --docker-username= demo_user \
    --docker-password= demo_pwd \
    --docker-email=[email protected] \
    --namespace=default

 

 

三,查看此secret的配置内容

get secret harbor secret --output=yaml
apiVersion: v1
data:
  .dockerconfigjson: eyJhdxxxQwTnRPR055WldvNCJ9fX0=
kind: Secret
metadata:
  creationTimestamp: "2019-08-27T07:52:30Z"
  name: harborsecret
  namespace: default
  resourceVersion: "7745813"
  selfLink: /api/v1/namespaces/default/secrets/prismsecret
  uid: 9f2b1b8b-c89f-11e9-b546-065214003ae8
type: kubernetes.io/dockerconfigjson

 

四,解析出此secretdata的具体内容

kubectl get secret harborsecret --output="jsonpath={.data.\.dockerconfigjson}" |base64 -d
{"auths":{"harbor.xxxx.com.cn":{"username":"demo_user","password":"demo_pwd","email":"[email protected]","auth":"YWRxxxbk0}}

 

五,yaml中设置secret

如果命令难记,可以使用yaml文件(如果apply出错,注意dockerconfigjson内容)

apiVersion: v1
data:
  .dockerconfigjson: eyJhdXRxxxYmswemQwTnRPR055WldvNCJ9fX0=
kind: Secret
metadata:
  name: harborsecret
  namespace: default
type: kubernetes.io/dockerconfigjson

 

 

六,yaml中应用secret

。。。
spec:
      imagePullSecrets:
      - name: harborsecret
      nodeSelector:
        accelerator: nvidia-tesla-k80
      containers:
      - name: ai-jupyter-v2
        image: harbor.xxx.com.cn/3rd_part/tensorflow:20190812
        imagePullPolicy: IfNotPresent
    。。。

 


转载于:https://www.cnblogs.com/aguncn/p/11419150.html

你可能感兴趣的:(K8s集群中设置harbor仓库认证)