Menu
I know a lot of people already had similar question, i read a few of them, but found nothing what actualy helped me so far.
I have a gitlab with private repo enabled, I also use Google Kubernetes Engine. I have a few Docker container in my private repo, and I want to deploy one of them to the Kubernetes Engine.
I have created a secret with kubectl create secret generic db-user-pass --from-file=./username.txt --from-file=./password.txt
I also tried kubectl create secret docker-registry name --docker-server=registry.xy.z --docker-username=google --docker-password=xyz [email protected]
Then I created my Deployment file:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: backend-test
labels:
app: 13371337
spec:
replicas: 1
template:
metadata:
labels:
app: 13371337
spec:
containers:
- name: backend
image: registry.xy.z/group/project/backend:latest
imagePullPolicy: Always
ports:
- containerPort: 8080
imagePullSecrets:
- name: db-user-pass or name
Any ideas how to get it running?
507
So what exactly does ImagePullBackOff mean? The status ImagePullBackOff means that a Pod couldn't start, because Kubernetes couldn't pull a container image. The 'BackOff' part means that Kubernetes will keep trying to pull the image, with an increasing delay ('back-off').
A completed state indicates that the Deployment has successfully completed its tasks, all of its Pods are running with the latest specification and are available, and no old Pods are still running. A failed state indicates that the Deployment has encountered one or more issues that prevent it from completing its tasks.
Kubernetes Engine automatically upgrades the master as point releases are released, however it usually won't upgrade to a new version (for example, 1.7 to 1.8) automatically. When you are ready to upgrade to a new version, you can just click the upgrade master button in the Kubernetes Engine console.
Using kubectl create secret docker-registry name is a right way to provide credentials of private docker registry.
imagePullSecrets options looking good too, if you specify there a name of your docker-registry secret.
So, from Kubernetes path everything looking good.
Try to check events of the pod which will be created by Deployment, just find you pod by kubectl get pods and call kubectl describe pod $name_of_your_pod, you will see an actual reason why it cannot pull an image.
Also, if your depository is insecure or has self-signed certificate, try to follow that guide to allow docker daemon pulling image from there, that is an often reason of image pull failures.
142
In order to create a secret you can use the following command: (notice I gave it a name)
kubectl create secret docker-registry my_registry \
--docker-server=registry.xy.z \
--docker-username=google \
--docker-password=xyz \
[email protected]
or using yaml:
apiVersion: v1
kind: Secret
metadata:
name: my_registry
type: Opaque
data:
docker-server: registry.xy.z
docker-username: google
docker-password: xyz
docker-email: [email protected]
and your deployment need to use the secret name:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: backend-test
labels:
app: 13371337
spec:
replicas: 1
template:
metadata:
labels:
app: 13371337
spec:
containers:
- name: backend
image: registry.xy.z/group/project/backend:latest
imagePullPolicy: Always
ports:
- containerPort: 8080
imagePullSecrets:
- name: my_registry
Notice: you must create the secret per namespace.
30
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
