CODEWITHSUNDEEP
dockerkubernetes
Bedjase
Bedjase

Reputation: 79

Kubernetes can't pull images from docker hub repository

Hello Guys hope you well!

I need the that my master machine order the slave to pull the image from my docker hub repo and I get the error below, It doesn't let the slave pull from the repo, but when I go to the slave, manually pull he pulls

This from kubernetes master:

The first lines are a describe from pod my-app-6c99bd7b9c-dqd6l which is running now because I pulled manually the image from the docker hub, but I want Kubernetes to do it.

Events:
  Type     Reason          Age                            From                           Message
  ----     ------          ----                           ----                           -------
  Normal   Scheduled       <unknown>                      default-scheduler              Successfully assigned default/my-app2-74969ddd4f-l6d6l to kubeslave.machine.pt
  Normal   SandboxChanged  <invalid>                      kubelet, kubeslave.machine.pt  Pod sandbox changed, it will be killed and re-created.
  Warning  Failed          <invalid> (x3 over <invalid>)  kubelet, kubeslave.machine.pt  Failed to pull image "bedjase/repository/my-java-app:my-java-app": rpc error: code = Unknown desc = Error response from daemon: pull access denied for bedjase/repository/my-java-app, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
  Warning  Failed          <invalid> (x3 over <invalid>)  kubelet, kubeslave.machine.pt  Error: ErrImagePull
  Normal   BackOff         <invalid> (x7 over <invalid>)  kubelet, kubeslave.machine.pt  Back-off pulling image "bedjase/repository/my-java-app:my-java-app"
  Warning  Failed          <invalid> (x7 over <invalid>)  kubelet, kubeslave.machine.pt  Error: ImagePullBackOff
  Normal   Pulling         <invalid> (x4 over <invalid>)  kubelet, kubeslave.machine.pt  Pulling image "bedjase/repository/my-java-app:my-java-app"
[root@kubernetes ~]# kubectl get pods
NAME                       READY   STATUS             RESTARTS   AGE
my-app-6c99bd7b9c-dqd6l    1/1     Running            0          14m
my-app2-74969ddd4f-l6d6l   0/1     ImagePullBackOff   0          2m20s
nginx-86c57db685-bxkpl     1/1     Running            0          8h

This from slave:

[root@kubeslave docker]# docker pull bedjase/repository:my-java-app
my-java-app: Pulling from bedjase/repository
50e431f79093: Already exists
dd8c6d374ea5: Already exists
c85513200d84: Already exists
55769680e827: Already exists
e27ce2095ec2: Already exists
5943eea6cb7c: Already exists
3ed8ceae72a6: Already exists
7ba151cdc926: Already exists
Digest: sha256:c765d09bdda42a4ab682b00f572fdfc4bbcec0b297e9f7716b3e3dbd756ba4f8
Status: Downloaded newer image for bedjase/repository:my-java-app
docker.io/bedjase/repository:my-java-app

I already made the login in both master and slave to docker hub repo and succeed. Both have /etc/hosts ok, also nodes are connected and ready:

[root@kubernetes ~]# kubectl get nodes
NAME                    STATUS   ROLES    AGE   VERSION
kubernetes.machine.pt   Ready    master   26h   v1.17.4
kubeslave.machine.pt    Ready    <none>   26h   v1.17.4

Am I missing some point here?

Upvotes: 2

Views: 8984

Answers (3)

AAber
AAber

Reputation: 1749

A detailed script to create the secret and another script to patch all the service accounts can be found in my answer here:

How to pull image from dockerhub in kubernetes?

Patching all the service accounts will allow all your k8s namespaces to pull any image from dockerhub without changing the k8s deploy manifests.

Upvotes: 0

Mohit
Mohit

Reputation: 1

Just to add to the other answers,

1) Create a secret with the following command: Create a secret for pulling docker images

2) Create your pod that uses this secret as described here: use the secret in pod

Upvotes: 0

Mr.KoopaKiller
Mr.KoopaKiller

Reputation: 3962

For private images you must create a secret with username and password of Docker Hub to Kubernetes be able to pull the image.

The command bellow create a secret name regcred with your Docker Hub credentials, replace the fields <<your-name>>, <your-password> and <your-email>:

kubectl create secret docker-registry regcred --docker-server=https://index.docker.io/v1/ --docker-username=<your-name> --docker-password=<your-password> --docker-email=<your-email>

After that you need to add in your pod/deployment spec that you want to use this credentials to pull your private image adding the imagePullSecrets with the credentials created above, see this example:

apiVersion: v1
kind: Pod
metadata:
  name: private-reg
spec:
  containers:
  - name: private-reg-container
    image: <your-private-image>
  imagePullSecrets:
  - name: regcred

References:

https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret

Upvotes: 1

Related Questions