-
Notifications
You must be signed in to change notification settings - Fork 4.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Image pull issue from Harbor registry which is deployed on the same cluster. #20524
Comments
That would seem like some DNS issue in your k8s cluster since it fails to lookup the hostname. Connection to the harbor registry is not even made Also, you're trying to access port 80 over https. I would strongly recommend using harbor's internal tls for this one |
Please don't use service name to serve Harbor service, because you should always pull image through externalURL |
@stonezdj Why we can't access harbor service through service Type Cluster IP (internal to cluster). Generally, if it is ClusterIP, we generally access it through service name right? We don't want to expose registry outside cluster due to security issues. |
When pulling image from Harbor, it always request the bearer token via |
@stonezdj It starts referencing the image from docker.io. Could you please let us know why it is pointing to "docker.io/harbor/ix/test/redis:latest Am I missing any configuration here? Created Kubernetes image secret object using following: |
Hi Harbor Team,
We plan to have a local container registry in the same cluster where our applications are running. We need this local container registry to support the network disconnections.
I have deployed Harbor in our cluster as local container registry and was able to successfully pull and push images from outside the cluster through nodePort and ingress service types.
![image](https://private-user-images.githubusercontent.com/112939073/335446543-6d334571-1218-4cb9-a113-02248cb6a738.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAyNDExMjcsIm5iZiI6MTcyMDI0MDgyNywicGF0aCI6Ii8xMTI5MzkwNzMvMzM1NDQ2NTQzLTZkMzM0NTcxLTEyMTgtNGNiOS1hMTEzLTAyMjQ4Y2I2YTczOC5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNzA2JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDcwNlQwNDQwMjdaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT1jYjU4YjU4Yjg2ODhiMWQzMzA2ZTg2ZDc1ZTU3NjgyNDliNTgxMDY5MWY0N2M1MjIxOWUzYTQzNDdjZTFlOTUzJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.XEc-PR0OrQvZuOb3qIUnLPc7_WNc9tx4Zty_nY0CEck)
However, this is not our use case. We need to pull the images within the cluster for which I am making use of "harbor core" service to access the repositories. Note: I have tried it with image pull secret where un: admin, pw: Harbor12345 url: http://test-harbor-core.harbor.svc:80
example:
When I try to deploy the pod, I get following error:
![image](https://private-user-images.githubusercontent.com/112939073/335447154-590b089b-2ae9-4a44-b8a4-aa11871b3761.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAyNDExMjcsIm5iZiI6MTcyMDI0MDgyNywicGF0aCI6Ii8xMTI5MzkwNzMvMzM1NDQ3MTU0LTU5MGIwODliLTJhZTktNGE0NC1iOGE0LWFhMTE4NzFiMzc2MS5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNzA2JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDcwNlQwNDQwMjdaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT1lZDcyNzNkNGMxYWJkMDRiMTMyODJlMTQ3ZDhlZGYwMjRmZmM1NGEwNmZiNjA0NjZiNjYxMjljNmJiMWVhYWIzJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.r3XuywJf-xLT7In1NsMFDBLfS7d8_D0U2jpakAgYZ1Y)
Could you please let us if we are missing anything? Is any configuration is missing? i am able to ping harbor.core service pod from other pods successfully.
NOTE: When exposed through NodePort or Ingress from cluster, I am successfully pulling the images from Harbor container registry.
![image](https://private-user-images.githubusercontent.com/112939073/335447624-97dcdda7-99f5-4c19-ae7f-1c1b4b66fcb1.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAyNDExMjcsIm5iZiI6MTcyMDI0MDgyNywicGF0aCI6Ii8xMTI5MzkwNzMvMzM1NDQ3NjI0LTk3ZGNkZGE3LTk5ZjUtNGMxOS1hZTdmLTFjMWI0YjY2ZmNiMS5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNzA2JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDcwNlQwNDQwMjdaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT1hYTIwYzBhNWQ2Y2RmOGE3MzQzODBjYzIzYzMxYmY1ZWY2ZjAzZTdjZGMzNzcwOGZmM2FjMmE2ZjVhY2YzMzU2JlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.deNu-IO7qdb93IF3vHqkrXVajuL3WmtNbYO3wAK4vKg)
Our Configuration:
Kubernetes version: v1.28.9+rke2r1
The text was updated successfully, but these errors were encountered: