无法访问 Knative 中的私有注册表
Unable to Access Private Registry in Knative
我正在尝试将示例应用程序推送到 Knative,但是我 运行 出现以下错误消息:
Revision "..." failed with message: Unable to fetch image "...": unsupported status code 401; body: Not Authorized
Knative 在 EC2 上正确设置,我已经创建了一个服务帐户和密码以从 ECR 中提取。我错过了什么?我不确定为什么 Knative 无法访问我的私有 AWS 存储库,即使 K8s(不是 Knative)能够访问。
秘密:
apiVersion: v1
kind: Secret
metadata:
name: registry-push-secret
annotations:
build.knative.dev/docker-0: https://....
type: kubernetes.io/basic-auth
stringData:
username: token
password: <token_value>
Knative 秘密:
kubectl create secret docker-registry secret-name --docker-server=https://... --docker-username=token --docker-password=<token_value>
服务帐号:
apiVersion: v1
kind: ServiceAccount
metadata:
name: test-sa
secrets:
- name: registry-push-secret
imagePullSecrets:
- name: secret-name
Knative 配置:
apiVersion: serving.knative.dev/v1alpha1
kind: Service
metadata:
name: test
namespace: default
spec:
runLatest:
configuration:
revisionTemplate:
spec:
serviceAccountName: test-sa
container:
image: ...
imagePullPolicy: Always
env:
- name: TARGET
value: "..."
对于遇到此问题的任何人,它最终在 Github 问题中得到解决:https://github.com/knative/serving/issues/1996
我正在尝试将示例应用程序推送到 Knative,但是我 运行 出现以下错误消息:
Revision "..." failed with message: Unable to fetch image "...": unsupported status code 401; body: Not Authorized
Knative 在 EC2 上正确设置,我已经创建了一个服务帐户和密码以从 ECR 中提取。我错过了什么?我不确定为什么 Knative 无法访问我的私有 AWS 存储库,即使 K8s(不是 Knative)能够访问。
秘密:
apiVersion: v1
kind: Secret
metadata:
name: registry-push-secret
annotations:
build.knative.dev/docker-0: https://....
type: kubernetes.io/basic-auth
stringData:
username: token
password: <token_value>
Knative 秘密:
kubectl create secret docker-registry secret-name --docker-server=https://... --docker-username=token --docker-password=<token_value>
服务帐号:
apiVersion: v1
kind: ServiceAccount
metadata:
name: test-sa
secrets:
- name: registry-push-secret
imagePullSecrets:
- name: secret-name
Knative 配置:
apiVersion: serving.knative.dev/v1alpha1
kind: Service
metadata:
name: test
namespace: default
spec:
runLatest:
configuration:
revisionTemplate:
spec:
serviceAccountName: test-sa
container:
image: ...
imagePullPolicy: Always
env:
- name: TARGET
value: "..."
对于遇到此问题的任何人,它最终在 Github 问题中得到解决:https://github.com/knative/serving/issues/1996