I've been trying to run a deployment using a private init container image with little success, I always get this error:
Failed to pull image "private/app": Error: image private/app:latest not found
Error syncing pod, skipping: failed to "StartContainer" for "app" with ErrImagePull: "Error: image private/app:latest not found"
Here is my deployment:
"kind": "Deployment"
"apiVersion": "extensions/v1beta1"
"metadata":
"name": "tomcat"
"creationTimestamp": null
"spec":
"replicas": 1
"template":
"metadata":
"creationTimestamp": null
"labels":
"service": "tomcat"
"annotations":
"pod.beta.kubernetes.io/init-containers": '[
{
"name": "app",
"image": "private/app",
"imagePullPolicy": "IfNotPresent"
}
]'
"spec":
"containers":
- "name": "tomcat"
"image": "private/tomcat"
"ports":
- "containerPort": 8080
"protocol": "TCP"
"imagePullSecrets":
- "name": "my-secret"
"restartPolicy": "Always"
"strategy": {}
"status": {}
I also tried it with the change suggested here kubernetes init containers using a private repo:
"pod.beta.kubernetes.io/init-containers": '[
{
"name": "app",
"image": "private/app",
"imagePullPolicy": "IfNotPresent",
"imagePullSecrets": [
{
"name": "my-secret"
}
]
}
]'
But still nothing...
Note that I have tested this deployment without the init container and the image pulling was successful.
Also note that this is a simplified version of my actual configuration, in the real configuration there is volume mounting for both containers and some env variables.
How do I configure "imagePullSecrets" for an init-container?
Edit: I was asking around in the kubernetes slack channel and it seems I forgot to give permissions to the cluster docker user (CI docker user if you would) permissions to this hub repository, once I did that the "imagePullPolicy" on the init container was redundant, the one on the "template" > "spec" was enough.
Thanks @koki, wherever you might be.
so i was the one who asked that other question you referenced. this is using your example what my init section looks like. and this does not work for you?
"pod.beta.kubernetes.io/init-containers": '[
{
"name": "app",
"image": "private/app",
"imagePullPolicy": "IfNotPresent",
"imagePullSecrets": "my-secret"
}
]'
I still cant pull private initContainers.
In my situation i'm adding a initContainer to mongodb chart.
When i add imagePullSecrets: to the initContainer i get.
error: error validating "/helm.txt": error validating data: ValidationError(Deployment.spec.template.spec.initContainers[0]): unknown field "imagePullSecrets" in io.k8s.api.core.v1.Container; if you choose to ignore these errors, turn validation off with --validate=false
You should using secret
object.
something like this:
kubectl create secret docker-registry myregistry \
--docker-server=https://example.io \
--docker-username=foo \
--docker-password=boosecret \
--docker-email=example@boo.com
And use it , in another object like this:
imagePullSecrets:
- name: myregistry