K
Q

Deployment fails to Azure AKS from Bitbucket

5/9/2021

I created a Bitbucket pipeline and trying yo deploy a basic pod to Azure AKS. bitbucket-pipelines.yml is below;

image: atlassian/default-image:2

options:
  docker: true
pipelines:
  default:
    - step:
        name: Docker login
        caches:
           - docker
        script:
          - docker login -u $DOCKERHUB_USER -p $DOCKERHUB_PASSWORD
    - step:
        name: "Deploy to PROD"
        deployment: production
        script:
          - pipe: microsoft/azure-aks-deploy:1.0.0
            variables:
              AZURE_APP_ID: $AZURE_APP_ID
              AZURE_PASSWORD: $AZURE_PASSWORD
              AZURE_TENANT_ID: $AZURE_TENANT_ID
              AZURE_AKS_NAME: "demo-aks"
              AZURE_RESOURCE_GROUP: "demo-rg"
              KUBECTL_COMMAND: 'apply'
              KUBERNETES_SPEC_FILE: 'test.yaml'

and test.yaml file is below;

apiVersion: v1
kind: Pod
metadata:
  name: test
  labels:
    app: test
spec:
  containers:
  - name: test
    image: myrepository/test:1234
    command: ["/bin/sleep", "3650d"]
    imagePullPolicy: IfNotPresent
  restartPolicy: Always

"kubectl apply -f test-yaml" command seems successfully executed and it's trying to create pod, but gives "docker login" error.

  Warning  Failed     9s (x2 over 24s)   kubelet            Failed to pull image "myrepository/test:1234": rpc error: code = Unknown desc = Error response from daemon: pull access denied for myrepository/test, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
  Warning  Failed     9s (x2 over 24s)   kubelet            Error: ErrImagePul

Docker user and pass variables already added and they're correct. Not sure where is the problem. Thanks!

-- yatta
azure
azure-aks
bitbucket
docker
kubernetes

Similar Questions

Traefik Ingress bad rule
Pod to Pod communication for a NodePort type service in kubernetes
What's the relationship between deployment and ConfigMap?
Run 3 component of an app in 3 different pods
Active-Passive Jenkins Setup in Kubernetes

1 Answer

5/9/2021

Have you created the right Docker credentials in AKS? If you are sure you docker login is right, then create the following secret in AKS:

kubectl create secret generic regcred \
    --from-file=.dockerconfigjson=<path/to/.docker/config.json> \
    --type=kubernetes.io/dockerconfigjson

where <path/to/.docker/config.json> usually is ~/.docker/config.json (of course you need to be able to reach that repo from your machine).

Then, quote this secret credential in your pod definition:

  imagePullSecrets:
  - name: regcred

To use your example:

apiVersion: v1
kind: Pod
metadata:
  name: test
  labels:
    app: test
spec:
  containers:
  - name: test
    image: myrepository/test:1234
    command: ["/bin/sleep", "3650d"]
    imagePullPolicy: IfNotPresent
  imagePullSecrets:
  - name: regcred
  restartPolicy: Always

AKS can easily pull images from public Docker Hub repositories or from Azure ACR (Azure Container Registry), but to connect to Docker Hub private you need to give the right connection data.

Reference: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

-- Luca Ghersi
Source: StackOverflow