K
Q

GKE Cluster can't pull (ErrImagePull) from Gitlab private Registry

12/18/2019

I have deployed my image in my gitlab docker repository

When I try to deploy my app on Kubernetes, I get the following error

cluster-default-pool-2e5b4771-5z37
  Normal   BackOff    29s (x2 over 30s)  kubelet, gke-gara-cluster-default-pool-2e5b4771-5z37  Back-off pulling image "registry.gitlab.com/gara-project/back-end-micro-services/mconsoleuser:latest"
  Warning  Failed     29s (x2 over 30s)  kubelet, gke-gara-cluster-default-pool-2e5b4771-5z37  Error: ImagePullBackOff
  Normal   Pulling    15s (x2 over 31s)  kubelet, gke-gara-cluster-default-pool-2e5b4771-5z37  pulling image "registry.gitlab.com/gara-project/back-end-micro-services/mconsoleuser:latest"
  Warning  Failed     14s (x2 over 30s)  kubelet, gke-gara-cluster-default-pool-2e5b4771-5z37  Failed to pull image "registry.gitlab.com/gara-project/back-end-micro-services/mconsoleuser:latest": rpc error: code = Unknown desc = Error response from daemon: Get https://registry.gitlab.com/v2/gara-project/back-end-micro-services/mconsoleuser/manifests/latest: unauthorized: HTTP Basic: Access denied
  Warning  Failed     14s (x2 over 30s)  kubelet, gke-gara-cluster-default-pool-2e5b4771-5z37  Error: ErrImagePull

I created a secret with my login and password with the command :

kubectl create secret docker-registry registry-gitlab-secrets --docker-server=registry.gitlab.com --docker-username=kosted --docker-password="MY-REAL-PASSWORD" \
--docker-email=mymail@yahoo.fr

I added in my deployment

imagePullSecrets:
        - name : registry-gitlab-secrets

My entire deployment looks like :

apiVersion: apps/v1
kind: Deployment
metadata:
  name: "{{ include "m-consoleuser.name" . }}-deployment"
  labels:
    app: {{ include "m-consoleuser.name" . }}
    tier: backend
spec:
  replicas: {{ .Values.replicaCount }}
  selector:
    matchLabels:
      app: {{ include "m-consoleuser.name" . }}
      tier: backend
  template:
    metadata:
      labels:
        app: {{ include "m-consoleuser.name" . }}
        tier: backend
    spec:
      containers:
        - name: {{ .Chart.Name }}
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          ports:
            - name: http
              containerPort: 9102
              protocol: TCP
          livenessProbe:
            httpGet:
              path: /
              port: http
          readinessProbe:
            httpGet:
              path: /
              port: http
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
    {{- with .Values.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
    {{- end }}
    {{- with .Values.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
    {{- end }}
      imagePullSecrets:
        - name: registry-gitlab-secrets

Still getting the same error. Please how could I do ?

EDIT: I ssh inside one of the node and run docker login registry.gitlab.com with the same credentials as provident during kubectl create secrets. I got login succeeded, and I can pull my image. I don't know why during helm deploy i can't pull the image

-- Teddy Kossoko
gitlab
google-cloud-platform
google-kubernetes-engine
kubernetes

Similar Questions

How to remove the server name from the error page returned by nginx ingress controller?
Tool fail over application to another node (other then k8s and docker swarm)
Configure custom DNS in kubernetes
Does the Helm-operator handle jobs?
BACKEND_SERVICES exceeded in Google Kubernetes Engine

0 Answers