kubeadm: Cannot pull images from a private registry with authentication
Hello
just created a two node (master+minion) cluster with kubeadm following http://kubernetes.io/docs/getting-started-guides/kubeadm/, and trying to run a pod with images on an internal, private registry with authentication (following http://kubernetes.io/docs/user-guide/images/#configuring-nodes-to-authenticate-to-a-private-repository) and it doesn’t work.
docker login private-registry.internal.tld works
docker pull private-registry.internal.tld/image works
but kubelet seems to just ignore this. Since that there’s a tutorial on this, and I couldn’t find any outstanding kubelet/kubernetes open issue with this, I’m guessing that maybe it’s a more specific kubeadm problem.
How can I debug this? Thanks
About this issue
- Original URL
- State: closed
- Created 8 years ago
- Comments: 16 (3 by maintainers)
I managed my connection to Nexus 3 with ImagePullSecrets and adding it to the service account, so that it will automatically be added to all deployed pods.
Configure ImagePullSecret with the docker config https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
Instead of adding the imagePullSecrets to every pod, i have added it to the service account which is used to deploy my pods: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#adding-imagepullsecrets-to-a-service-account
With this configuration everything works as i expected.
Preauthentication with docker login on every node was not successful.
More infO: if I set
ImagePullPolicy: IfNotPresentand then manuallydocker pullthe images on the minion host, it works. If I setImagePullPolicy: Alwaysit doesn’t work even with pre-pulled images