K
Q

Image pulling issue on Kubernetes from private repository

7/13/2020

I created registry credits and when I apply on pod like this:

apiVersion: v1
kind: Pod
metadata:
  name: private-reg
spec:
  containers:
  - name: private-reg-container
    image: registry.io.io/simple-node
  imagePullSecrets:
  - name: regcred

it works succesfly pull image

But if I try to do this:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: node123
  namespace: node123
spec:
  replicas: 5
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 2
      maxUnavailable: 0
  selector:
    matchLabels:
      name: node123
  template:
      metadata:
          labels:
              name: node123
      spec:
          containers:
              - name: node123
                image: registry.io.io/simple-node
                ports:
                - containerPort: 3000
          imagePullSecrets:
             - name: regcred

On pod will get error: ImagePullBackOff

when I describe it getting

Failed to pull image "registry.io.io/simple-node": rpc error: code = Unknown desc = Error response from daemon: Get https://registry.io.io/v2/simple-node/manifests/latest: no basic auth credentials

Anyone know how to solve this issue?

-- Vladimir Djukic
bash
docker-registry
kubernetes

Similar Questions

Persistent volume error when installing Prometheus using Helm
kubernetes configmaps for binary file
kubernetes giving error,but code works
Connect to local database from inside minikube cluster
Dockerized API Server Running in Kubernetes Slow Response Times?

1 Answer

7/13/2020

We are always running images from private registry. And this checklist might help you :

  1. Put your params in env variable in your terminal to have single source of truth:

    export DOCKER_HOST=registry.io.io export DOCKER_USER=<your-user> export DOCKER_PASS=<your-pass>

  2. Make sure that you can authenticate & the image really exist

    echo $DOCKER_PASS | docker login -u$DOCKER_USER --password-stdin $DOCKER_HOST docker pull ${DOCKER_HOST}/simple-node

  3. Make sure that you created the Dockerconfig secret in the same namespace of pod/deployment;

    namespace=mynamespace # default kubectl -n ${namespace} create secret docker-registry regcred \ --docker-server=${DOCKER_HOST} \ --docker-username=${DOCKER_USER} \ --docker-password=${DOCKER_PASS} \ --docker-email=anything@will.work.com

  4. Patch the service account used by the Pod with the secret

    namespace=mynamespace
kubectl -n ${namespace} patch serviceaccount default \
  -p '{"imagePullSecrets": [{"name": "regcred"}]}'
# if the pod use another service account, 
#     replace "default" by the relevant service account

    or

    Add imagePullSecrets in the pod :

    imagePullSecrets:
 - name: regcred
containers:
 - ....
-- Abdennour TOUMI
Source: StackOverflow