Reputation: 120
"Failed to pull image: pull access denied" on a private docker repository
I am trying to run my node application (which successfully runs on my PC with Docker Desktop) through Kubernetes. This is a raspberry pi multi-node ubuntu kubeadm server (everything is latest stable version). I do have successful pods running on this server. I followed Kubernetes official guide to login to my private docker repository on Docker hub. I have double checked my credentials and I can use docker without sudo privileges.
My exact setup is listed below, please comment if you want me to add any more information!
My error code:
Failed to pull image "matthewvine/node-tools:rewrite": rpc error: code = Unknown desc = Error response from daemon: pull access denied for matthewvine/node-tools, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
My regcred docker secret:
data:
.dockerconfigjson: ey...==
kind: Secret
metadata:
creationTimestamp: "2022-01-10T23:34:40Z"
name: regcred
namespace: default
resourceVersion: "1807979"
uid: 69...
type: kubernetes.io/dockerconfigjson
My node-ht deployment:
apiVersion: apps/v1
metadata:
name: node-ht
namespace: node
...
spec:
replicas: 1
selector:
matchLabels:
app: node-ht
template:
metadata:
...
spec:
containers:
- name: node-ht
image: matthewvine/node-tools:rewrite
ports:
- containerPort: 3000
protocol: TCP
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
restartPolicy: Always
terminationGracePeriodSeconds: 30
dnsPolicy: ClusterFirst
securityContext: {}
imagePullSecrets:
- name: regcred
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 25%
maxSurge: 25%
revisionHistoryLimit: 10
progressDeadlineSeconds: 600
My Soluton: Turns out it was a simple namespace issue. Secrets need to be in the same namespace as the resources trying to use them.
Upvotes: 1
Views: 6946
Answers (1)
Reputation: 66
Secret key must be in the same place as the app namespace.
If you want to connect your docker secret to kubernetes you can use below method.
Create a Secret based on existing Docker credentials (link)
kubectl create secret generic regcred \
--from-file=.dockerconfigjson=<path/to/.docker/config.json> \
--type=kubernetes.io/dockerconfigjson
I think you already did that. The namespace change should fix your problem
Upvotes: 5
Related Questions
- Kubernetes can't pull private image from docker
- Kubernetes cannot pull image from private docker image repository
- Failed to pull image pull access denied , repository does not exist or may require 'docker login':
- K8S on Docker Desktop cannot pull private repo - pull access denied
- Kubernetes cannot pull an image from private repository on Docker Hub
- Image pulling issue on Kubernetes from private repository
- k8s - Failed to pull image....Error response from daemon: pull access denied for {private_repo}, repository does not exist
- Kubernetes cannot pull image from public docker image repository
- Why can I pull images from a private repo but not create a kubernetes deployment with it?
- K8S Failed to pull image from local repo