How can I pull a docker image in a Kubernetes cluster from a private registry behind a ssh connection

3/4/2021

I’m trying to deploy a docker image on a kubernetes cluster. This cluster is on a server accessible via a ssh connection.

Here is the part of the .yaml I use to pull the image :

spec :
  containers :
  - name : my_image_name
    image : my_private_registry/my_image

my_image is stored in a private registry in another server accessible via a ssh connection (with a proxyjump).

I know how to pull an image from a private registry that is on the same server that the kubernetes cluster. But when it is on another server, I don’t. I'm sure that it is possible to configure kubernetes to make it use the ssh connection, but I didn't find ressources helping me to do that. The others private registry are accessible just by a "docker login" command ?

I’ve found a beginning of solution sending the image using a package named « docker_over_ssh », but it was not really appropriate. I’ve found a solution by pushing the image on dockerhub, but I’m sure that we can do better …

Thank you for your help. I’m sure that it is not complicated, but I’m quite new in kubernetes and docker.

-- Piege
docker
kubernetes
ssh

1 Answer

3/4/2021

It is quite important to understand, that the docker daemon does not run inside kubernetes. So whatever you provide through kubernetes objects (pods, services...) is usually not accessible from outside.

You could provide a mirror registry for your cluster, so that it is accessible in the usual way. Another option would be to use ssh port forwarding, if the ssh proxy allows that and use the forwarding host as registry.

-- Thomas
Source: StackOverflow