DevOps

CKA Example Reminder - 25. Image Security

Vince_rf 2024. 12. 13. 21:50

Update the running deployment to use the image from the private registry myprivateregistry.com:5000

kubectl get deploy web -o yaml > web.yaml

vim web.yaml

apiVersion: v1
items:
- apiVersion: apps/v1
  kind: Deployment
  metadata:
    annotations:
      deployment.kubernetes.io/revision: "1"
    creationTimestamp: "2024-12-13T12:29:05Z"
    generation: 1
    labels:
      app: web
    name: web
    namespace: default
    resourceVersion: "1443"
    uid: e2f565ed-880b-467a-b6a7-6c820fe5d4a6
  spec:
    progressDeadlineSeconds: 600
    replicas: 2
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app: web
    strategy:
      rollingUpdate:
        maxSurge: 25%
        maxUnavailable: 25%
      type: RollingUpdate
    template:
      metadata:
        creationTimestamp: null
        labels:
          app: web
      spec:
        containers:
        - image: myprivateregistry.com:5000/nginx:alpine
          imagePullPolicy: IfNotPresent
          name: nginx
          resources: {}
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
        dnsPolicy: ClusterFirst
        restartPolicy: Always
        schedulerName: default-scheduler
        securityContext: {}
        terminationGracePeriodSeconds: 30
  status:
    availableReplicas: 2
    conditions:
    - lastTransitionTime: "2024-12-13T12:29:08Z"
      lastUpdateTime: "2024-12-13T12:29:08Z"
      message: Deployment has minimum availability.
      reason: MinimumReplicasAvailable
      status: "True"
      type: Available
    - lastTransitionTime: "2024-12-13T12:29:05Z"
      lastUpdateTime: "2024-12-13T12:29:08Z"
      message: ReplicaSet "web-cbfbbd684" has successfully progressed.
      reason: NewReplicaSetAvailable
      status: "True"
      type: Progressing
    observedGeneration: 1
    readyReplicas: 2
    replicas: 2
    updatedReplicas: 2
kind: List
metadata:
  resourceVersion: ""


Change the image to myprivateregistry.com:5000/nginx:alpine

kubectl apply -f web.yaml



Create a secret object with the credentials defined below

Name: private-reg-cred
Username: dock_user
Password: dock_password
Server: myprivateregistry.com:5000
Email: dock_user@myprivateregistry.com

Secret: private-reg-cred

Secret Type: docker-registry

Secret Data

kubectl create secret docker-registry private-reg-cred \
  --docker-server=myprivateregistry.com:5000 \
  --docker-username=dock_user \
  --docker-password=dock_password \
  --docker-email=dock_user@myprivateregistry.com \
  --dry-run=client -o yaml > docker-secret.yaml



kubectl apply -f docker-secret.yaml
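The docker-registry secret created above is a plain kubernetes.io/dockerconfigjson Secret: kubectl packs the server, username, password and email into a JSON document, base64-encodes it, and stores it in the .dockerconfigjson data key. The following added example (not part of the original post) rebuilds that document offline with the same credential values as the task, so you can see exactly what lands in the cluster and what anyone with get permission on Secrets in the namespace can read back. It assumes only a POSIX shell with the base64 utility; no kubectl or cluster is needed.

```shell
#!/bin/sh
# Added example: reproduce, offline, what `kubectl create secret docker-registry` stores.
# Assumption: POSIX sh with a `base64` utility that accepts -d for decoding.

# Build the .dockerconfigjson document for a single registry.
# Args: server username password email
build_dockerconfigjson() {
  # The "auth" field is just base64("user:password"); it is encoding, not encryption.
  auth=$(printf '%s:%s' "$2" "$3" | base64 | tr -d '\n')
  printf '{"auths":{"%s":{"username":"%s","password":"%s","email":"%s","auth":"%s"}}}' \
    "$1" "$2" "$3" "$4" "$auth"
}

# Emit the Secret manifest kubectl would produce with --dry-run=client -o yaml.
# Args: name server username password email
build_registry_secret_manifest() {
  cfg=$(build_dockerconfigjson "$2" "$3" "$4" "$5" | base64 | tr -d '\n')
  cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: $1
type: kubernetes.io/dockerconfigjson
data:
  .dockerconfigjson: $cfg
EOF
}

# Extract the data value from a manifest produced above.
manifest_data_value() {
  printf '%s\n' "$1" | sed -n 's/^  \.dockerconfigjson: //p'
}

# Reverse the encoding: from the stored data value, recover "user:password".
# This is the audit check a defender runs to understand the blast radius of
# `kubectl get secret private-reg-cred -o yaml`: RBAC on Secrets and
# encryption at rest are what actually protect registry credentials.
decode_registry_auth() {
  printf '%s' "$1" | base64 -d | sed 's/.*"auth":"\([^"]*\)".*/\1/' | base64 -d
}

# Stand-alone run with the task's values (credentials taken from the post).
manifest=$(build_registry_secret_manifest private-reg-cred myprivateregistry.com:5000 \
  dock_user dock_password dock_user@myprivateregistry.com)
printf '%s\n' "$manifest"
printf 'recovered credential: %s\n' "$(decode_registry_auth "$(manifest_data_value "$manifest")")"
```

Compare the printed manifest with docker-secret.yaml from the step above; the data value should be identical because kubectl uses the same JSON layout. The recovered credential line makes the point concrete: the password is readable by any principal allowed to get the Secret, so scope that permission tightly.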



Configure the deployment so that it uses the newly created secret

Image Pull Secret: private-reg-cred


Add the spec.template.spec.imagePullSecrets field to the deployment manifest:

      spec:
        imagePullSecrets:
        - name: private-reg-cred
        containers:
        - image: myprivateregistry.com:5000/nginx:alpine
          imagePullPolicy: IfNotPresent
          name: nginx
          resources: {}
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
        dnsPolicy: ClusterFirst
        restartPolicy: Always
        schedulerName: default-scheduler
        securityContext: {}
        terminationGracePeriodSeconds: 30




kubectl apply -f web.yaml --force

Use kubectl describe po [pod] to confirm that the image was pulled correctly and that the pod is in the Running state:

Image:          myprivateregistry.com:5000/nginx:alpine