我正在尝试使用SSH密钥将私有git仓库(gitLab)克隆到kubernetes容器中。我已将密钥存储在一个秘密中。这是执行所需任务的作业的yaml文件。
继承人相同的问题,但没有给出确切的解决方案:
在Kubernetes Pod中克隆一个安全的git repo
执行后初始化容器的日志:
fetch http://dl-cdn.alpinelinux.org/alpine/v3.7/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.7/community/x86_64/APKINDEX.tar.gz
v3.7.1-66-gfc22ab4fd3 [http://dl-cdn.alpinelinux.org/alpine/v3.7/main]
v3.7.1-55-g7d5f104fa7 [http://dl-cdn.alpinelinux.org/alpine/v3.7/community]
OK: 9064 distinct packages available
OK: 23 MiB in 23 packages
Cloning into '/tmp'...
Host key verification failed.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
yaml文件非常适合公共回购:
apiVersion: batch/v1
kind: Job
metadata:
name: nest-build-kaniko
labels:
app: nest-kaniko-example
spec:
template:
spec:
containers:
-
image: 'gcr.io/kaniko-project/executor:latest'
name: kaniko
args: ["--dockerfile=/workspace/Dockerfile",
"--context=/workspace/",
"--destination=aws.dest.cred"]
volumeMounts:
-
mountPath: /workspace …我需要使用 kubeadm 配置文件初始化我的 kubernetes 集群,因为我需要传递一些额外的参数,这些参数不能直接用于kubeadm init.
我确实创建了一个配置文件,它工作正常。我浏览了 kubeadm 配置文件的文档,但仍然无法获得与命令行标志等效的选项--apiserver-advertise-address
我的 kubeadm 版本是 1.15.7
这是我当前的配置:注释掉的行是我已经尝试过但似乎不起作用的选项。
#apiVersion: kubeadm.k8s.io/v1beta2
#kind: InitConfiguration
#APIEndpoint:
# advertiseAddress: "192.168.224.22"
# bindPort: 6443
#controlPlaneEndpoint: "192.168.224.22:6443"
apiServer:
advertiseAddress: "192.168.224.22"
extraArgs:
authorization-mode: Node,RBAC
# advertise-address: 192.168.224.22
authentication-token-webhook-config-file: /webhook/webhook-config.yaml
extraVolumes:
- name: "webhook-conf"
hostPath: "/webhook/"
mountPath: "/webhook/"
readOnly: true
pathType: DirectoryOrCreate
timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns:
type: CoreDNS
etcd:
local:
dataDir: /var/lib/etcd
#APIEndpoint:
# advertiseAddress: "192.168.224.22"
# bindPort: 6443
imageRepository: …