BOU*_*UGA 5 docker docker-swarm-mode
我正在Swarm集群上运行服务,感谢docker stack deploy --with-registry-auth和这个撰写文件:
version: "3.1"
services:
builder-consumer:
image: us.gcr.io/my-gcloud-project/my/image:123
stop_grace_period: 30m
volumes:
- [...]
environment:
- [...]
deploy:
mode: global
placement:
constraints:
- node.role == worker
secrets:
- [...]
secrets:
[...]
这在部署时工作正常,但是当我稍后向群添加工作节点时,新工作人员无法提取运行任务所需的映像.系统日志报告:
level = error msg ="在请求\"/ v2/my-gcloud-project/my/image/manifests/123 \"之后,不继续执行错误后拉:拒绝:\ 123 \"权限被拒绝."
level = info msg ="翻译"被拒绝:来自请求\\"/ v2/my-gcloud-project/my/image/manifests/123 \\"的\\"123 \\"权限被拒绝.\"到\"存储库us.gcr.io/my-gcloud-project/my/image未找到:不存在或没有拉取访问权限"""
level = error msg ="pull image failed"error ="repository us.gcr.io/my-gcloud-project/my/image not found:不存在或没有pull access"module ="node/agent/taskmanager"节点.id = ... service.id = ... task.id = ...
level = error msg ="致命任务错误"error ="没有这样的图像:us.gcr.io/my-gcloud-project/my/image:123@sha256:..."module ="node/agent/taskmanager" node.id = ... service.id = ... task.id = ...
但是,当我docker pull在该计算机上手动运行时,它运行正常,因为群集中的每台计算机都通过我的私有Google注册表进行身份验证,这要归功于docker login.
因此,我的问题是:
--with-registry-auth做了什么?非常感谢
注意:节点运行的是Ubuntu 16.04.2 LTS,Docker版本是:
Server:
Version: 17.04.0-ce
API version: 1.28 (minimum version 1.12)
Go version: go1.7.5
Git commit: 4845c56
Built: Mon Apr 3 18:07:42 2017
OS/Arch: linux/amd64
Experimental: false
| 归档时间: |
|
| 查看次数: |
1433 次 |
| 最近记录: |