Kubernetes on Azure AKS secrets for Docker Hub missing after autoscaling

11/5/2019

I am dealing with some issues on Kubernetes on Azure (AKS) using Autoscaler and secrets for pulling images from Docker Hub.
I created the secret in my applications namespace while having 3 nodes enabled (initial cluster status).

kubectl create secret docker-registry mysecret --docker-server=https://index.docker.io/v1/ --docker-username=<docker_id> --docker-password=<docker_password> -n mynamespace

I deploy my application using the imagePullSecrets option after specifying images URL.

      imagePullSecrets:
        - name: mysecret

After deploying the application I created the autoscaler rule.

kubectl autoscale deployment mydeployment --cpu-percent=50 --min=1 --max=20 -n mynamespace

All new pods pull the image correctly. However at some point when new Kubernetes node is being automatically deployed, all new pods requiring the DockerHub based image can not start.

Failed to pull image "mydocherhubaccount/myimage:mytag": rpc error: code = Unknown desc = Error response from daemon: pull access denied for mydocherhubaccount/myimage:mytag, repository does not exist or may require 'docker login': denied: requested access to the resource is denied

Is there anything I am missing here? I waited for 15 minutes and recreated pods but it did not help.

I use Kubernetes 1.15.5 on Azure AKS. The cluster was created using the following command.

az aks create -g myresourcegroup -n mynamespace --location eastus --kubernetes-version 1.15.5 --node-count 3 --node-osdisk-size 100 --node-vm-size Standard_D4_v3 --enable-vmss --enable-cluster-autoscaler --min-count 3 --max-count 5

I appreciate any help provided. It really got me stuck here.

-- Andrew S
azure-aks
dockerhub
kubernetes

0 Answers