3 - 镜像库凭证

Registries are secrets containing credentials used to authenticate with private registries. Deployments use these secrets to authenticate with a private registry and then pull a Docker image hosted on it.

Note: Currently, credentials are pulled automatically only if the workload is created in the Rancher UI and not kubectl.

Registries are secrets containing credentials used to authenticate with private registries. Deployments use these secrets to authenticate with a private registry and then pull a Docker image hosted on it.

Prerequisites: You must have a private registry configured.

Note: Currently, credentials are pulled automatically only if the workload is created in the Rancher UI and not kubectl.

  • From the Global view, select the project containing the namespace(s) where you want to add a registry.

  • From the main menu, select Resources > Registries. Click Add Registry.

  • Enter a Name for the registry.

Note: Kubernetes classifies secrets, certificates, ConfigMaps, and registries all as secrets, and no two secrets in a project or namespace can have duplicate names. Therefore, to prevent conflicts, your registry must have a unique name among all secrets within your workspace.

  • Select a Scope for the registry.

  • Select the website that hosts your private registry. Then enter credentials that authenticate with the registry.

  • Click Save.

Result: Your secret is added to the project or namespace, depending on the scope you chose. You can view the secret in the Rancher UI from the Resources > Registries view.

What’s Next?

Now that you have a registry added to the project or namespace, you can add it to a workload that’s deploying an image from your private registry.

For more information on adding a registry to a workload, see Deploying Workloads.