Red Hat Summit 红帽全球峰会支持控制台(Console)开发人员开始试用联系人

此内容没有您所选择的语言版本。

Chapter 7. Using image streams with Kubernetes resources

Image streams, being OpenShift Container Platform native resources, work with all native resources available in OpenShift Container Platform, such as Build or DeploymentConfigs resources. It is also possible to make them work with native Kubernetes resources, such as Job, ReplicationController, ReplicaSet or Kubernetes Deployment resources.

7.1. Enabling image streams with Kubernetes resources
复制链接

When using image streams with Kubernetes resources, you can only reference image streams that reside in the same project as the resource. The image stream reference must consist of a single segment value, for example ruby:2.5, where ruby is the name of an image stream that has a tag named 2.5 and resides in the same project as the resource making the reference.

Important

Do not run workloads in or share access to default projects. Default projects are reserved for running core cluster components.

The following default projects are considered highly privileged: default, kube-public, kube-system, openshift, openshift-infra, openshift-node, and other system-created projects that have the openshift.io/run-level label set to 0 or 1. Functionality that relies on admission plugins, such as pod security admission, security context constraints, cluster resource quotas, and image reference resolution, does not work in highly privileged projects.

There are two ways to enable image streams with Kubernetes resources:

  • Enabling image stream resolution on a specific resource. This allows only this resource to use the image stream name in the image field.
  • Enabling image stream resolution on an image stream. This allows all resources pointing to this image stream to use it in the image field.

Procedure

You can use oc set image-lookup to enable image stream resolution on a specific resource or image stream resolution on an image stream.

  1. To allow all resources to reference the image stream named mysql, enter the following command: 

    $ oc set image-lookup mysql
    Copy to Clipboard Toggle word wrap

    This sets the Imagestream.spec.lookupPolicy.local field to true.

    Imagestream with image lookup enabled

    apiVersion: image.openshift.io/v1
kind: ImageStream
metadata:
  annotations:
    openshift.io/display-name: mysql
  name: mysql
  namespace: myproject
spec:
  lookupPolicy:
    local: true
    Copy to Clipboard Toggle word wrap

    When enabled, the behavior is enabled for all tags within the image stream.

  2. Then you can query the image streams and see if the option is set: 

    $ oc set image-lookup imagestream --list
    Copy to Clipboard Toggle word wrap

You can enable image lookup on a specific resource.

  • To allow the Kubernetes deployment named mysql to use image streams, run the following command: 

    $ oc set image-lookup deploy/mysql
    Copy to Clipboard Toggle word wrap

    This sets the alpha.image.policy.openshift.io/resolve-names annotation on the deployment.

    Deployment with image lookup enabled

    apiVersion: apps/v1
kind: Deployment
metadata:
  name: mysql
  namespace: myproject
spec:
  replicas: 1
  template:
    metadata:
      annotations:
        alpha.image.policy.openshift.io/resolve-names: '*'
    spec:
      containers:
      - image: mysql:latest
        imagePullPolicy: Always
        name: mysql
    Copy to Clipboard Toggle word wrap

You can disable image lookup.

  • To disable image lookup, pass --enabled=false: 

    $ oc set image-lookup deploy/mysql --enabled=false
    Copy to Clipboard Toggle word wrap
返回顶部
Red Hat logoGithubredditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。 了解我们当前的更新.

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

Theme

© 2025 Red Hat