Skaffold dev 仅适用于 minikube。其他本地集群失败
Skaffold dev works with minikube only. Other on-prem cluster fails
我有一个 Spring 配置了 jib-maven 的启动应用程序
POM
<plugin>
<groupId>com.google.cloud.tools</groupId>
<artifactId>jib-maven-plugin</artifactId>
<version>2.1.0</version>
<configuration>
<from>
<image>openjdk:11-jre-slim</image>
</from>
<to>
<image>registry.demo/${project.artifactId}</image>
<tags>
<tag>${project.version}</tag>
</tags>
<tags>
<tag>latest</tag>
</tags>
</to>
<container>
<jvmFlags>
<jvmFlag>-XX:+UseContainerSupport</jvmFlag>
<jvmFlag>-XX:MinRAMPercentage=60.0</jvmFlag>
<jvmFlag>-XX:MaxRAMPercentage=90.0</jvmFlag>
<jvmFlag> -XshowSettings:vm</jvmFlag>
</jvmFlags>
<mainClass>com.demo.DemoApplication</mainClass>
</container>
</configuration>
SKAFFOLD.YAML
apiVersion: skaffold/v2beta1
kind: Config
metadata:
name: springtokube
build:
artifacts:
- image: registry.demo/springtokube
jib:
project: com.demo:springtokube
local:
push: true
concurrency: 1
useBuildkit: false
useDockerCLI: true
deploy:
kubectl:
manifests:
- deployment.yaml
同时设置不安全的注册表
skaffold config set --global insecure-registries registry.demo
但是当使用 minikube 我可以 运行 成功
skaffold dev
当使用其他 集群 (ON-PREM) 我得到
FATA[0016] exiting dev mode because first build failed: build failed: building [registry.demo/springtokube]: build artifact: getting image: GET http://registry.demo/v2/: : Not Found
可能是什么问题?
我今天使用 kubectl context 重新启动
skaffold debug --no-prune=false --cache-artifacts=false
失败了
Listing files to watch...
Generating tags...
- registry.demo/springtokube -> registry.demo/springtokube:cf60c31
Found [minikube] context, using local docker daemon.
Building [registry.demo/springtokube]...
.............
...............
[INFO] Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 2.294 s - in com.demo.springtokube.SpringtokubeApplicationTests
2020-04-15 08:45:48.277 INFO 30662 --- [extShutdownHook] o.s.s.concurrent.ThreadPoolTaskExecutor : Shutting down ExecutorService 'applicationTaskExecutor'
[INFO]
[INFO] Results:
[INFO]
[INFO] Tests run: 1, Failures: 0, Errors: 0, Skipped: 0
[INFO]
[INFO]
[INFO] --- maven-jar-plugin:3.1.2:jar (default-jar) @ springtokube ---
[INFO] Building jar: ....../springtokube/target/springtokube.jar
[INFO]
[INFO] --- spring-boot-maven-plugin:2.2.6.RELEASE:repackage (repackage) @ springtokube ---
[INFO] Replacing main artifact with repackaged archive
[INFO]
[INFO] --- jib-maven-plugin:2.1.0:build (default-cli) @ springtokube ---
[INFO]
[INFO] Containerizing application to registry.demo/springtokube:cf60c31, registry.demo/springtokube...
[WARNING] Base image 'openjdk:11-jre-slim' does not use a specific image digest - build may not be reproducible
[INFO] Getting manifest for base image openjdk:11-jre-slim...
[INFO] Building dependencies layer...
[INFO] Building resources layer...
[INFO] Building classes layer...
[INFO] Using credentials from Docker config (~/.docker/config.json) for registry.demo/springtokube:cf60c31
[WARNING] Cannot verify server at https://registry.demo/v2/. Attempting again with no TLS verification.
[WARNING] Cannot verify server at https://registry.demo/v2/springtokube/blobs/sha256:1fb3fb86aa52691fa3705554da5ba07dcb556f62a93ba7efab0e397ca3db092c. Attempting again with no TLS verification.
[WARNING] Cannot verify server at https://registry.demo/v2/springtokube/blobs/sha256:88a7d9887f9fdeb5a4736d07c64818453e00e71fe916b13f413eb6e545445a68. Attempting again with no TLS verification.
[WARNING] Cannot verify server at https://registry.demo/v2/springtokube/blobs/sha256:a6c851c4b90b9eb7af89d240dd4f438dba9feba5c78600fed7eadddf8cb7b647. Attempting again with no TLS verification.
[INFO] The base image requires auth. Trying again for openjdk:11-jre-slim...
[INFO] Using credentials from Docker config (~/.docker/config.json) for openjdk:11-jre-slim
[INFO] Using base image with digest: sha256:01669f539159a1b5dd69c4782be9cc7da0ac1f4ddc5e2c2d871ef1481efd693e
[INFO]
[INFO] Container entrypoint set to [java, -XX:+UseContainerSupport, -XX:MinRAMPercentage=60.0, -XX:MaxRAMPercentage=90.0, -XshowSettings:vm, -cp, /app/resources:/app/classes:/app/libs/*, com.demo.springtokube.SpringtokubeApplication]
[INFO]
[INFO] Built and pushed image as registry.demo/springtokube:cf60c31, registry.demo/springtokube
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 20.058 s
[INFO] Finished at: 2020-04-15T08:45:57+03:00
[INFO] ------------------------------------------------------------------------
Pruning images...
FATA[0024] exiting dev mode because first build failed: build failed: building [registry.demo/springtokube]: build artifact: getting image: GET http://registry.demo/v2/: : Not Found
我认为 minikube 有效。但是禁用缓存无法构建
如果我运行
skaffold debug OR skaffold dev
工作正常
但是如果我 运行 禁用缓存
skaffold debug --no-prune=false --cache-artifacts=false
失败它显示上面的日志
经过几天的努力,我找到了解决办法。
根据 Brian de Alwis 的建议,我能够使 Skaffold 使用 自签名证书 .
Skaffold build 或 dev 不使用放入的证书。
/etc/docker/certs.d/myregistrydomain.com/ca.crt
该路径仅供docker客户端使用。
解决方案是将您的注册表证书放入
/usr/local/share/ca-certificates/myregistrydomain.com.crt
然后
update-ca-certificates
如果您正在使用自签名证书,您的脚手架 yaml 文件中不需要不安全的注册表
apiVersion: skaffold/v2beta1
kind: Config
metadata:
name: springtokube
build:
# insecureRegistries:
# - myregistrydomain.com
或运行skaffold与
skaffold dev --insecure-registry=myregistrydomain.com
希望这能帮助其他努力使 skaffold 与 自签名证书
一起工作的人
我有一个 Spring 配置了 jib-maven 的启动应用程序
POM
<plugin>
<groupId>com.google.cloud.tools</groupId>
<artifactId>jib-maven-plugin</artifactId>
<version>2.1.0</version>
<configuration>
<from>
<image>openjdk:11-jre-slim</image>
</from>
<to>
<image>registry.demo/${project.artifactId}</image>
<tags>
<tag>${project.version}</tag>
</tags>
<tags>
<tag>latest</tag>
</tags>
</to>
<container>
<jvmFlags>
<jvmFlag>-XX:+UseContainerSupport</jvmFlag>
<jvmFlag>-XX:MinRAMPercentage=60.0</jvmFlag>
<jvmFlag>-XX:MaxRAMPercentage=90.0</jvmFlag>
<jvmFlag> -XshowSettings:vm</jvmFlag>
</jvmFlags>
<mainClass>com.demo.DemoApplication</mainClass>
</container>
</configuration>
SKAFFOLD.YAML
apiVersion: skaffold/v2beta1
kind: Config
metadata:
name: springtokube
build:
artifacts:
- image: registry.demo/springtokube
jib:
project: com.demo:springtokube
local:
push: true
concurrency: 1
useBuildkit: false
useDockerCLI: true
deploy:
kubectl:
manifests:
- deployment.yaml
同时设置不安全的注册表
skaffold config set --global insecure-registries registry.demo
但是当使用 minikube 我可以 运行 成功
skaffold dev
当使用其他 集群 (ON-PREM) 我得到
FATA[0016] exiting dev mode because first build failed: build failed: building [registry.demo/springtokube]: build artifact: getting image: GET http://registry.demo/v2/: : Not Found
可能是什么问题?
我今天使用 kubectl context 重新启动
skaffold debug --no-prune=false --cache-artifacts=false
失败了
Listing files to watch...
Generating tags...
- registry.demo/springtokube -> registry.demo/springtokube:cf60c31
Found [minikube] context, using local docker daemon.
Building [registry.demo/springtokube]...
.............
...............
[INFO] Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 2.294 s - in com.demo.springtokube.SpringtokubeApplicationTests
2020-04-15 08:45:48.277 INFO 30662 --- [extShutdownHook] o.s.s.concurrent.ThreadPoolTaskExecutor : Shutting down ExecutorService 'applicationTaskExecutor'
[INFO]
[INFO] Results:
[INFO]
[INFO] Tests run: 1, Failures: 0, Errors: 0, Skipped: 0
[INFO]
[INFO]
[INFO] --- maven-jar-plugin:3.1.2:jar (default-jar) @ springtokube ---
[INFO] Building jar: ....../springtokube/target/springtokube.jar
[INFO]
[INFO] --- spring-boot-maven-plugin:2.2.6.RELEASE:repackage (repackage) @ springtokube ---
[INFO] Replacing main artifact with repackaged archive
[INFO]
[INFO] --- jib-maven-plugin:2.1.0:build (default-cli) @ springtokube ---
[INFO]
[INFO] Containerizing application to registry.demo/springtokube:cf60c31, registry.demo/springtokube...
[WARNING] Base image 'openjdk:11-jre-slim' does not use a specific image digest - build may not be reproducible
[INFO] Getting manifest for base image openjdk:11-jre-slim...
[INFO] Building dependencies layer...
[INFO] Building resources layer...
[INFO] Building classes layer...
[INFO] Using credentials from Docker config (~/.docker/config.json) for registry.demo/springtokube:cf60c31
[WARNING] Cannot verify server at https://registry.demo/v2/. Attempting again with no TLS verification.
[WARNING] Cannot verify server at https://registry.demo/v2/springtokube/blobs/sha256:1fb3fb86aa52691fa3705554da5ba07dcb556f62a93ba7efab0e397ca3db092c. Attempting again with no TLS verification.
[WARNING] Cannot verify server at https://registry.demo/v2/springtokube/blobs/sha256:88a7d9887f9fdeb5a4736d07c64818453e00e71fe916b13f413eb6e545445a68. Attempting again with no TLS verification.
[WARNING] Cannot verify server at https://registry.demo/v2/springtokube/blobs/sha256:a6c851c4b90b9eb7af89d240dd4f438dba9feba5c78600fed7eadddf8cb7b647. Attempting again with no TLS verification.
[INFO] The base image requires auth. Trying again for openjdk:11-jre-slim...
[INFO] Using credentials from Docker config (~/.docker/config.json) for openjdk:11-jre-slim
[INFO] Using base image with digest: sha256:01669f539159a1b5dd69c4782be9cc7da0ac1f4ddc5e2c2d871ef1481efd693e
[INFO]
[INFO] Container entrypoint set to [java, -XX:+UseContainerSupport, -XX:MinRAMPercentage=60.0, -XX:MaxRAMPercentage=90.0, -XshowSettings:vm, -cp, /app/resources:/app/classes:/app/libs/*, com.demo.springtokube.SpringtokubeApplication]
[INFO]
[INFO] Built and pushed image as registry.demo/springtokube:cf60c31, registry.demo/springtokube
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 20.058 s
[INFO] Finished at: 2020-04-15T08:45:57+03:00
[INFO] ------------------------------------------------------------------------
Pruning images...
FATA[0024] exiting dev mode because first build failed: build failed: building [registry.demo/springtokube]: build artifact: getting image: GET http://registry.demo/v2/: : Not Found
我认为 minikube 有效。但是禁用缓存无法构建
如果我运行
skaffold debug OR skaffold dev
工作正常
但是如果我 运行 禁用缓存
skaffold debug --no-prune=false --cache-artifacts=false
失败它显示上面的日志
经过几天的努力,我找到了解决办法。
根据 Brian de Alwis 的建议,我能够使 Skaffold 使用 自签名证书 .
Skaffold build 或 dev 不使用放入的证书。
/etc/docker/certs.d/myregistrydomain.com/ca.crt
该路径仅供docker客户端使用。
解决方案是将您的注册表证书放入
/usr/local/share/ca-certificates/myregistrydomain.com.crt
然后
update-ca-certificates
如果您正在使用自签名证书,您的脚手架 yaml 文件中不需要不安全的注册表
apiVersion: skaffold/v2beta1
kind: Config
metadata:
name: springtokube
build:
# insecureRegistries:
# - myregistrydomain.com
或运行skaffold与
skaffold dev --insecure-registry=myregistrydomain.com
希望这能帮助其他努力使 skaffold 与 自签名证书
一起工作的人