一、先部署Jenkins和k8s连接和动态slave
https://axzys.cn/index.php/archives/521/二、流水线的配置
cat > Dockerfile << EOF
FROM busybox
CMD ["echo","hello","container"]
EOF
nerdctl build -t busybox:v1 .
root@k8s-03:~# nerdctl images
REPOSITORY TAG IMAGE ID CREATED PLATFORM SIZE BLOB SIZE
busybox v1 05610df32232 19 seconds ago linux/amd64 4.338MB 2.146MB
buildkitd-test v1 05610df32232 41 hours ago linux/amd64 4.338MB 2.146MB
#打标签
root@k8s-03:~# nerdctl tag busybox:v1 192.168.30.180:30003/test/busybox:v1
#推送报错,https连接 要证书
root@k8s-03:~# nerdctl push 192.168.30.180:30003/test/busybox:v1
INFO[0000] pushing as a reduced-platform image (application/vnd.docker.distribution.manifest.v2+json, sha256:05610df32232fdd6d6276d0aa50c628fc3acd75deb010cf15a4ac74cf35ea348)
manifest-sha256:05610df32232fdd6d6276d0aa50c628fc3acd75deb010cf15a4ac74cf35ea348: waiting |--------------------------------------|
layer-sha256:90b9666d4aed1893ff122f238948dfd5e8efdcf6c444fe92371ea0f01750bf8c: waiting |--------------------------------------|
config-sha256:0b44030dca1d1504de8aa100696d5c86f19b06cec660cf55c2ba6c5c36d1fb89: waiting |--------------------------------------|
elapsed: 0.1 s total: 0.0 B (0.0 B/s)
FATA[0000] failed to do request: Head "https://192.168.30.180:30003/v2/test/busybox/blobs/sha256:90b9666d4aed1893ff122f238948dfd5e8efdcf6c444fe92371ea0f01750bf8c": tls: failed to verify certificate: x509: certificate signed by unknown authority #从Harbor中下载ca证书
root@k8s-03:~# sudo cp ca.crt /usr/local/share/ca-certificates/192.168.30.180-registry.crt
#更新证书
root@k8s-03:~# sudo update-ca-certificates
Updating certificates in /etc/ssl/certs...
rehash: warning: skipping ca-certificates.crt,it does not contain exactly one certificate or CRL
1 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
#重启containerd
root@k8s-03:~# sudo systemctl restart containerd
#推送镜像到Harbor,下面报错了原因是没有登录Harbor
root@k8s-03:~# nerdctl push 192.168.30.180:30003/test/busybox:v1
INFO[0000] pushing as a reduced-platform image (application/vnd.docker.distribution.manifest.v2+json, sha256:05610df32232fdd6d6276d0aa50c628fc3acd75deb010cf15a4ac74cf35ea348)
manifest-sha256:05610df32232fdd6d6276d0aa50c628fc3acd75deb010cf15a4ac74cf35ea348: waiting |--------------------------------------|
layer-sha256:90b9666d4aed1893ff122f238948dfd5e8efdcf6c444fe92371ea0f01750bf8c: waiting |--------------------------------------|
config-sha256:0b44030dca1d1504de8aa100696d5c86f19b06cec660cf55c2ba6c5c36d1fb89: waiting |--------------------------------------|
elapsed: 0.1 s total: 0.0 B (0.0 B/s)
FATA[0000] push access denied, repository does not exist or may require authorization: authorization failed: no basic auth credentials 、
#登录Harbor
root@k8s-03:~# nerdctl login 192.168.30.180:30003
Enter Username: admin
Enter Password:
WARNING! Your credentials are stored unencrypted in '/root/.docker/config.json'.
Configure a credential helper to remove this warning. See
https://docs.docker.com/go/credential-store/
Login Succeeded
#再次推送成功
root@k8s-03:~# nerdctl push 192.168.30.180:30003/test/busybox:v1
INFO[0000] pushing as a reduced-platform image (application/vnd.docker.distribution.manifest.v2+json, sha256:05610df32232fdd6d6276d0aa50c628fc3acd75deb010cf15a4ac74cf35ea348)
manifest-sha256:05610df32232fdd6d6276d0aa50c628fc3acd75deb010cf15a4ac74cf35ea348: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:90b9666d4aed1893ff122f238948dfd5e8efdcf6c444fe92371ea0f01750bf8c: done |++++++++++++++++++++++++++++++++++++++|
config-sha256:0b44030dca1d1504de8aa100696d5c86f19b06cec660cf55c2ba6c5c36d1fb89: done |++++++++++++++++++++++++++++++++++++++|
elapsed: 0.7 s total: 2.0 Mi (2.9 MiB/s)
root@k8s-03:~#
评论 (0)