Pull Image from Private Docker Registry in Kubernetes cluster | Demo

    32
    49



    This video is a demo of deploying your application image from private docker registry hosted on AWS | Kubernetes pull image from private registry | Kubernetes Docker login

    I answer the question of how to get your docker images in your kubernetes cluster from private docker registries?
    For images like Mongodb, elastic, that are hosted on docker hub, it’s straightforward because they are hosted in a public repository and anyone can access them. But your own application lives in a private repository and needs explicit access from the cluster. So how do you pull the application images from your private docker repository on kubernetes cluster?

    You do that using 2 steps:
    1) you create a secret component that contains access token/credentials to your docker registry.
    2) you configure your Deployment component to use that secret using a specific imagePullSecrets.
    In the video I show you exactly this.

    ► CLI Commands and YAML Files for this video: https://gitlab.com/nanuchi/kubernetes-tutorial-series-youtube/-/tree/master/pull-images-from-private-reporsitory-in-k8s
    ► Demo Nodejs app: https://gitlab.com/nanuchi/techworld-js-docker-demo-app

    ▬▬▬▬▬▬ T I M E S T A M P S
    0:00 – Intro – common workflow
    1:11 – Steps to pull image from private registry
    1:40 – Environment Setup: Private Registry, Application, Minikube
    2:42 – Login to AWS Container Repository | docker login and create docker config.json file
    8:20 – Create Secret component
    15:45 – Configure Deployment component
    20:51 – Summary

    ——————————————————————————————————-
    Full Kubernetes and Docker tutorial ► https://bit.ly/2YGeRp9
    DevOps Tools, like Ansible ► https://bit.ly/2W9UEq6
    Complete K8s Application Setup ► https://youtu.be/EQNO_kM96Mo
    Kubernetes Components explained ► https://www.youtube.com/watch?v=Krpb44XR0bk&t=364s

    For any questions/issues/feedback, please leave me a comment and I will get back to you as soon as possible. Also please let me know what you want to learn about Docker & Kubernetes or another technology.

    #kubernetes #kubernetestutorial #devops #techworldwithnana
    ——————————————————————————————————-

    ▬▬▬▬▬▬ Connect with me 👋 ▬▬▬▬▬▬
    Join private Facebook group ► https://bit.ly/32UVSZP
    Don’t forget to subscribe ► https://bit.ly/3mO4jxT
    DEV ► https://bit.ly/3h2fqiO
    INSTAGRAM ► https://bit.ly/2F3LXYJ
    TWITTER ► https://bit.ly/3i54PUB
    LINKEDIN ► https://bit.ly/3hWOLVT

    Legal Notice:
    Kubernetes and the Kubernetes logo are trademarks or registered trademarks of The Linux Foundation in the United States and/or other countries. The Linux Foundation and other parties may also have trademark rights in other terms used herein. This video is not accredited, certified, affiliated with, nor endorsed by Kubernetes or The Linux Foundation.

    source

    Previous articleDocker Networking Options
    Next articleDevOps Interview Questions Answers (From Sr. Cloud Architect) | Moderate to Advanced

    49 COMMENTS

    1. ► CLI Commands and YAML Files for this video: https://gitlab.com/nanuchi/kubernetes-tutorial-series-youtube/-/tree/master/pull-images-from-private-reporsitory-in-k8s
      ► Demo Nodejs app: https://gitlab.com/nanuchi/techworld-js-docker-demo-app

      ▬▬▬▬▬▬ T I M E S T A M P S
      0:00 – Intro – common workflow
      1:11 – Steps to pull image from private registry
      1:40 – Environment Setup: Private Registry, Application, Minikube
      2:42 – Login to AWS Container Repository | docker login and create docker config.json file
      8:20 – Create Secret component
      15:45 – Configure Deployment component
      20:51 – Summary

      👉🏼 For any questions/issues/feedback, please leave me a comment and I will get back to you as soon as possible.
      Please don't forget to subscribe and give me a thumbs up if you liked my video 😊🙏

    2. I am stucked at minute 7:26 when you run the docker login command from within Minikube (after you do minikube ssh). I am not using an AWS registry but rather a Nexus OSS in my host machine on port 8082. When I run the docker login command from within minikube as follows:
      docker login host.minikube.internal:8082
      hit enter and in the prompt for user name and password I enter those I get the following error:
      Error response from daemon: Get "https://host.minikube.internal:8082/v2/": http server gave http response to HTTPS client.

      I have tried starting my minikube with (and different version of that with http:// in front):
      minikube start –driver=docker –insecure-registry=host.minikube.internal:8082

      and I still get the same error. It is really frustrating.

      Anyone know how do I get passed that?

    3. Big fan of your channel and I recommend it to everyone.

      Your instructions for this are good, but how does this all change when not using Docker for the runtime (the supported containerd for example)? I've been having a heck of a time trying to find comparable instructions for ECR and containerd.

    4. Hi Nana,

      I am trying to create deployment with following content

      deployment_file.yaml
      ——————————–
      apiVersion: apps/v1

      kind: Deployment

      metadata:

      name: flask-deployment

      labels:

      app: flask

      spec:

      replicas: 1

      selector:

      matchLabels:

      app: flask

      template:

      metadata:

      labels:

      app: flask

      spec:

      containers:

      – name: flask

      image: flask-app:v1

      ports:

      – containerPort: 81

      imagePullSecrets:

      – name: regcred

      And Docker ps command is giving following ouput

      Output:
      ————
      CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

      9c3afb3ad019 flask-app "python3.6 /app/Flas…" 4 weeks ago Up 4 weeks 0.0.0.0:5000->5000/tcp, :::5000->5000/tcp jolly_dubinsky

      When i am trying to create deployment, deployment command is working fine, but image pull is failing,
      i got the below image from
      Command:
      ——————
      kubectl logs <pod-name>

      Output:
      ———-
      Error from server (BadRequest): container "flask" in pod "flask-deployment-5ccdbd96d6-p2dnb" is waiting to start: image can't be pulled

      I am new to kubernetes, kindly help me on this blocker

    5. instead of pull, can we make a push? basically automatic deployment on code push. is it good practice? if yes, then how to trigger k8 for pull?
      My guess: runner script should login in k8 and perform apply command. Nana, what you think?

    6. Hi Nana,
      Excellent tutorials. Thank you.

      I've created a Private Registry for my local development using Docker's Image :
      "docker run -d -p 5000:5000 –restart=always –name registry registry:2"

      I did not create TLS or UserName/Pwdd for this.
      After creating an Image, I am able to push/pull from this Registry using cmd-line.

      However, when trying using a Deployment.yaml into minikube, the Pods are not getting created.
      and I get this error:

      Failed to pull image "<image-name>": rpc error: code = Unknown desc = Error response from daemon: Get https://<my-registry>/v2/: http: server gave HTTP response to HTTPS client

      Do I have to create TLC and Username/Pwd for this to work ?

      Thanks.

    7. i did exactly the same and i'm getting this error when i describe the pod:

      Failed to pull image "registry.gitlab.com/###/###:master": rpc error: code = Unknown desc = Error response from daemon: Get https://registry.gitlab.com/……" denied: access forbidden

      i created a GitLab "Deploy token" then created a Secret using your 2nd method (one line way.) , when i use same token in simple Minkube's docker login , i m able to pull the image normally. but when i use kubectl, it's not able to pull it and getting "access forbidden" error.
      Ps: everything in same namespace

    8. Nana, just to let you know:

      I was facing an issue when trying to pull a image from a private dockerhub repo. I did this in an Openshift 4.3 cluster (not mine, it is a private cluster from the company I work for) exactly how you showed in the video and it works fine! Fun fact: I found your video without even looking for it haha.

      I'm already subscribed, I won't dare to miss a video from now on!

    9. I have a issue… I have three Ubuntu servers and I have 12 microservices. One server I created 4 services. One server one compose I configured four services.. I run I'm able register eureka all servixes… Zull gateway I can able to access fst servers but remaining I'm not able to access based on serviceId… Can I tell me where I done mistake