In Kubernetes we use the secret of docker-registry type to authenticate with a container registry to pull a private image
One of the image in docker hub is made a private. when we tried to access the image,
[root@manja17-I13330 kubenetes-config]# docker pull docker.io/jagadesh1982/testing-service
Using default tag: latest
Trying to pull repository docker.io/jagadesh1982/testing-service ...
Get https://registry-1.docker.io/v2/jagadesh1982/testing-service/manifests/latest: unauthorized: incorrect username or password
lets create a secret for accessing the docker hub in kubernetes using,
[root@manja17-I13330 kubenetes-config]# kubectl create secret docker-registry docker-secret --docker-server https://index.docker.io/v1/ --docker-email jagadesh.manchala@gmail.com --docker-username=<user Name> --docker-password <Password>
secret "docker-secret" created
[root@manja17-I13330 kubenetes-config]# kubectl get secrets
NAME TYPE DATA AGE
default-token-fx8mm kubernetes.io/service-account-token 3 2h
docker-secret kubernetes.io/dockerconfigjson 1 9s
[root@manja17-I13330 kubenetes-config]# kubectl describe secret docker-secret
Name: docker-secret
Namespace: default
Labels: <none>
Annotations: <none>
Type: kubernetes.io/dockerconfigjson
Data
====
.dockerconfigjson: 180 bytes
Configure the Pod with the secret to pull the images as,
[root@manja17-I13330 kubenetes-config]# cat image-pull-secret.yml
apiVersion: v1
kind: Pod
metadata:
name: testing-service
spec:
containers:
- name: test-ser
image: docker.io/jagadesh1982/testing-service
ports:
- containerPort: 9876
imagePullSecrets:
- name: docker-secret
Now lets check the pod using,
[root@manja17-I13330 kubenetes-config]# kubectl get pods
NAME READY STATUS RESTARTS AGE
testing-service 1/1 Running 0 43s
We have defined the secret that we created to access the docker hub for downloading images in the pod manifest file. Since we defined the secret to download them , we can successfully create the pod and use.
Many to come, Happy learning :-)
No comments :
Post a Comment