从AWS ECR部署Kubernetes失败,状态代码:401未授权

cbwuti44  于 2023-10-17  发布在  Kubernetes
关注(0)|答案(1)|浏览(188)

我想从AWS ECR部署镜像到Kubernetes。我使用这个命令来获取token:

TOKEN=`aws ecr get-login-password --region us-east-1 | cut -d' ' -f6`                                                                                                                                       
kubectl delete secret -n default --ignore-not-found awsecr-cred                                                                                                                                           
kubectl create secret -n default docker-registry awsecr-cred --docker-server=123456789.dkr.ecr.us-east-1.amazonaws.com/test-gateway --docker-username=AWS --docker-password=$TOKEN --namespace=default

在pod日志中,我得到错误:

Failed to pull image "123456789.dkr.ecr.us-east-1.amazonaws.com/test-gateway:0.0.1": rpc error: code = Unknown desc = failed to pull and unpack image "123456789.dkr.ecr.us-east-1.amazonaws.com/test-gateway:0.0.1": failed to resolve reference "123456789.dkr.ecr.us-east-1.amazonaws.com/test-gateway:0.0.1": pulling from host 123456789.dkr.ecr.us-east-1.amazonaws.com failed with status code [manifests 0.0.1]: 401 Unauthorized

当我运行aws ecr get-login-password --region us-east-1 | cut -d' ' -f6时,我得到token。你知道我哪里错了吗?

dfuffjeb

dfuffjeb1#

你的部署yaml是什么样子的?您需要为pod指定imagePullSecrets。它应该看起来像这样:

apiVersion: v1
kind: Pod
metadata:
  name: private-reg
spec:
  containers:
  - name: private-reg-container
    image: <your-private-image>
  imagePullSecrets:
  - name: regcred

你可以在这里找到一个完整的例子。

相关问题