K
Q

K8s issue pulling from docker private repoitory

11/25/2019

I have a Jhipster application which I want to deploy to Kubernetes. I used the jhipster kubernetes command to create all the k8s objects and I provided an Docker Hub repository in which to push them. The Docker Hub repository is a private one.

The deployment object looks like:

apiVersion: apps/v1
kind: Deployment
metadata:
    name: demodevices
    namespace: demo
spec:
    replicas: 1
    selector:
        matchLabels:
            app: demodevices
            version: 'v1'
    template:
        metadata:
            labels:
                app: demodevices
                version: 'v1'
        spec:
            initContainers:
                - name: init-ds
                  image: busybox:latest
                  command:
                      - '/bin/sh'
                      - '-c'
                      - |
                          while true
                          do
                            rt=$(nc -z -w 1 demodevices-postgresql 5432)
                            if [ $? -eq 0 ]; then
                              echo "DB is UP"
                              break
                            fi
                            echo "DB is not yet reachable;sleep for 10s before retry"
                            sleep 10
                          done
            containers:
                - name: demodevices-app
                  image: myRepo/demo:demodevices-1.0.0
                  env: ...
                  resources: ...
                  ports: ...
                  readinessProbe: ...
                  livenessProbe: ...
            imagePullSecrets:
            - name: regcred

Because I used a private Docker Hub repo, I added the imagePullSecret. The secret is created and deployed to k8s.

When applying the file, in the pods I see the following messages:

 Warning  Failed     <invalid> (x4 over <invalid>)  kubelet, k8node1   Failed to pull image "busybox:latest": rpc error: code = Unknown desc = Error response from daemon: Get https://registry-1.docker.io/v2/library/busybox/manifests/latest: unauthorized: incorrect username or password
 Warning  Failed     <invalid> (x4 over <invalid>)  kubelet, k8node1   Error: ErrImagePull
 Normal   BackOff    <invalid> (x6 over <invalid>)  kubelet, k8node1   Back-off pulling image "busybox:latest"
 Warning  Failed     <invalid> (x6 over <invalid>)  kubelet, k8node1   Error: ImagePullBackOff

As I understood, it tries do pull the busybox:latest image using the credentials for the private repository. The expected result is to pull the busybox:latest without errors and pull my custom image from my private repo. How to fix the above issue?

-- florin
dockerhub
jhipster
kubernetes

Similar Questions

How to profitably integrate Hashicorp Vault in Azure with access from external Gitlab and from internal k8s pods
how to write data outside a container?
Need to ship logs to elastic from EKS
Upgrading connection error in Port forwarding via client-go

2 Answers

11/25/2019

Have you added the Private Repo into the Docker In-Secure Registry. Also have you tried logging in into your private repo using docker login? When you do so it creates an entry into login creds.
Try doing a manual pull using docker login and docker pull/run. If this works it must work with K8s too.

-- Srini M
Source: StackOverflow
11/25/2019

This error is not connected to the fact you are using imagePullSecret.

Review the process you used to create your secret, here is an example:

kubectl create secret docker-registry anyname \
--docker-server=docker.io \
--docker-username=<username> \
--docker-password=<password> \
--docker-email=<email>

I have reproduced your case and I have the same error when I create the secret with wrong information.

-- mWatney
Source: StackOverflow