tencent cloud

Feedback

How to pull images from a private repository when deploying Kubernetes resources

Last updated: 2022-03-30 10:23:07

    This document describes how to pull images from a private repository when deploying Kubernetes resources.

    Prerequisites

    You must activate the CODING DevOps service for your Tencent Cloud account before you can use Coding Continuous Deployment (CD).

    Open Project

    1. Log in to the CODING console and click the team domain name to enter the CODING page.
    2. On the Workspace homepage, click on the left to go to the Continuous Deployment console.

    Feature Overview

    When deploying Kubernetes resources, if the images referenced by manifest are stored in a private repository, you need to configure imagePullSecrets in manifest to pull the images.

    The following describes how to configure imagePullSecrets for different types of cloud accounts:

    Tencent Cloud TKE


    As shown above, CODING-CD generates a Secret named coding-registry-cred-$(user_id) in the TKE cluster. You can view the Secret information in the TKE console:

    After a cloud account is added, you can view the sample usage:

    Kubernetes cloud accounts (non-TKE cluster)

    For a Kubernetes cloud account added with Kubeconfig or Service Account credentials, you need to create a Secret in the Kubernetes cluster before manifest can reference images from a private repository (CODING artifact repository is taken as an example here):

    If you directly reference images from the private repository in mainfest without generating a Secret in the cluster, the operation will fail.

    kubectl create secret docker-registry coding-regcred \
    --docker-server=Your team domain --docker-username=Your email --docker-password=$(passwd)
    

    After a Secret is generated, use imagePullSecrets in manifest to configure the Secret for pulling images (the last two lines).

    apiVersion: apps/v1
    kind: Deployment
    ...
      spec:
        containers:
        - name: nginx
          image: nginx:1.14.2
          ports:
          - containerPort: 80
        imagePullSecrets:
        - name: coding-regcred
    

    For more information, see How to pull images from a private repository in Kubernetes

    Kubernetes cloud accounts (TKE cluster)

    If you add a TKE cluster cloud account using a Kubeconfig or Service Account, you can directly create a Secret on the TKE console. Go to the cluster Information page, and select Configuration Management > Secret > New:

    Fill in the form as follows:

    Similarly, after a Secret is generated, use imagePullSecrets in manifest to configure the secret for pulling images (the last two lines).

    apiVersion: apps/v1
    kind: Deployment
    ...
      spec:
        containers:
        - name: nginx
          image: nginx:1.14.2
          ports:
          - containerPort: 80
        imagePullSecrets:
        - name: coding-regcred
    
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support