我很难将 OpenShift V3 与我的 Github 存储库连接起来。我尝试按照 https://learn.openshift.com 上的教程进行操作但他们没有详细说明 OpenShift 和 Github 之间的凭据问题
然后,我尝试通过 CLI 运行新的应用程序进程。也没有成功。
>oc new-app https://github.com/<repo>
--> Found image da99a88 (4 weeks old) in image stream "openshift/nodejs" under tag "6" for "nodejs"
Node.js 6
---------
Node.js 6 available as docker container is a base platform for building and running various Node.js 6 applications and frameworks. Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.
Tags: builder, nodejs, nodejs6
* The source repository appears to match: nodejs
* A source build using source code from https://github.com/<repo> will be created
* The resulting image will be pushed to image stream "appname:latest"
* Use 'start-build' to trigger a new build
* WARNING: this source repository may require credentials.
Create a secret with your git credentials and use 'set build-secret' to assign it to the build config.
* This image will be deployed in deployment config "appname"
* Port 8080/tcp will be load balanced by service "appname"
* Other containers can access this service through the hostname "appname"
--> Creating resources ...
imagestream "appname" created
buildconfig "appname" created
deploymentconfig "appname" created
service "appname" created
--> Success
Build scheduled, use 'oc logs -f bc/<repo>' to track its progress.
Run 'oc status' to view your app.
当我查看日志时,它说 Openshift 无法连接 Github 端的存储库
Cloning "https://github.com/<repo>" ...
error: build error: failed to fetch requested repository "https://github.com/<repo>" with provided credentials
更新:
根据 user2983542 和 Graham Dumpleton 提供的非常有用的答案和评论,我创建了公共(public)和私有(private) SSH key
具有以下 tutorial 。我使用 passphase 创建了 key ,但我对 OpenShift blog 中的以下语句有点困惑:
One saving grace is that OpenShift will not allow you to use a key-pair where the private key has a passphrase. A best practice, which I am sure you are following, is that your primary identity SSH key should always have a passphrase; this will prevent you from inadvisedly using your primary identity SSH key.
无论如何,我正在尝试继续使用 passphase…我在 Github 端部署了公钥。之后,我在 OpenShift 上创建了 kubernetes.io/ssh-auth
类型的 secret
,并将其作为环境变量链接到部署。
BuildConfig 的 Github 部分如下所示:
triggers:
- github:
secret: M6_whatever...
type: GitHub
部署失败并显示以下消息:
--> Scaling myappname-1 to 1
--> Waiting up to 10m0s for pods in rc myappname-1 to become ready
error: update acceptor rejected myappname-1: pods for rc "myappname-1" took longer than 600 seconds to become ready
请您指出我做错了什么吗?
最佳答案
您将需要创建源克隆 secret 。根据您运行的 OpenShift 版本,可能有不同的选项可供您使用。 SSH key 身份验证应该是所有版本的标准。
您应该生成一个新的 SSH key 对并将您的公钥上传到 Github。 See the docs at Github for instructions您只需要使用您的私钥创建一个 secret 。示例:
oc secrets new-sshauth sshsecret \
--ssh-privatekey=$HOME/.ssh/id_rsa_examplekey
然后您可能需要将此 secret 链接到 builder
使用 oc secrets link new-sshauth
的服务帐户
请参阅 OpenShift 文档 here有关 3.6 的更多信息和选项,但请根据需要引用您自己的版本
最后,您需要更新 BuildConfig 对象以引用新的 key 。 oc set build-secret --source bc/example-build sshsecret
关于github - 使 Openshift V3 与 Github 存储库连接,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/45894680/