我正在尝试将示例应用程序推送到 Knative,但是我遇到了以下错误消息:Revision "..." failed with message: Unable to fetch image "...": unsupported status code 401; body: Not Authorized
Knative 在 EC2 上已正确设置,我已经创建了一个服务帐户和密码以从 ECR 中提取。我错过了什么?我不确定为什么 Knative 无法访问我的私有(private) AWS 存储库,即使 K8s(不是 Knative)能够访问。
secret :
apiVersion: v1
kind: Secret
metadata:
name: registry-push-secret
annotations:
build.knative.dev/docker-0: https://....
type: kubernetes.io/basic-auth
stringData:
username: token
password: <token_value>
原生秘诀:
kubectl create secret docker-registry secret-name --docker-server=https://... --docker-username=token --docker-password=<token_value>
服务帐号:
apiVersion: v1
kind: ServiceAccount
metadata:
name: test-sa
secrets:
- name: registry-push-secret
imagePullSecrets:
- name: secret-name
原生配置:
apiVersion: serving.knative.dev/v1alpha1
kind: Service
metadata:
name: test
namespace: default
spec:
runLatest:
configuration:
revisionTemplate:
spec:
serviceAccountName: test-sa
container:
image: ...
imagePullPolicy: Always
env:
- name: TARGET
value: "..."
最佳答案
对于偶然发现此问题的任何人,它最终在 Github 问题中得到解决:https://github.com/knative/serving/issues/1996
关于kubernetes - 无法访问 Knative 中的私有(private)注册表,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/55971277/