Kubernetes - How to Configure Docker Repository to Pull Image and Configure Secret

April 23, 2022

Introduction

In most of cases, you are not pulling images from docker hub public repository. You might have your private registry or repository configured in your premises. In that case, you need to tell kubernetes how to pull images from that repository.

Create Docker-Config json file

First, you need to create docker-config json file. Filename: docker-config.json

Assumming, I have registry/repository host as: my-docker-repository.com Example:

{
    "auths": {
        "my-docker-repository.com": {
            "username": "<username>",
            "password": "<artifactory token>",
            "email": "<email>",
            "auth": "<base64(username:token)>"
        }
    }
}

Note: The auth above is calculated as base64 of "username:token".

You might have multiple repositories. In that case, just add multiple such json like below:

{
  "auths":{
    "<repo1>":{
      "username": "",
      "password": "",
      "email": "",
      "auth": ""
    },
    "<repo2>":{
      "username": "",
      "password": "",
      "email": "",
      "auth": ""
    },
    "<repo3>":{
      "username": "",
      "password": "",
      "email": "",
      "auth": ""
    },
  }
}

Shell Script for Creating Secret

Below is the script for creating kubernetes secret.

kubectl create secret generic dockerreg_cred --from-file=.dockerconfigjson=./secret/prod/docker-config.json --type=kubernetes.io/dockerconfigjson

Where, I have placed the docker-config.json file at secret/prod/docker-config.json.

Above script will create a kubernetes secret. Now, is the time to use this secret while pulling docker image.

Sample Deployment Yaml Config file

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-api
  labels:
    app: my-api
spec:
  replicas: 1
  selector:
    matchLabels:
      app: my-api
  template:
    metadata:
      labels:
        app: my-api
    spec:
      containers:
      - name: my-api
        image: my-docker-repo.com/apps/head/my-api:latest
        imagePullPolicy: Always
        envFrom:
        - configMapRef:
            name: my-api-config
        ports:
        - containerPort: 8080
        volumeMounts:
            - name: my-api-pvc
              mountPath: /var/opt
        resources:
          limits:
            cpu: 2
            memory: 4Gi
          requests:
            cpu: 2
            memory: 4Gi
      imagePullSecrets:
      - name: dockerreg_cred
      volumes:
        - name: my-api-pvc
          persistentVolumeClaim:
            claimName: my-pvc

Note the section:

imagePullSecrets:
  - name: dockerreg_cred

You are all set.

kubernetesk8sdocker

Similar Posts

Latest Posts