[DOCKER] Get gcr image from local kubernetes

Enabled to pull image from gcr with kubernetes of docker desktop using json key file as authentication information.

Create json key file

The service account json key file is a valid credential, so download it from the gcp console.

Setting up OAuth 2.0

Creating a secret

Tell kubernetes to use json key file as credentials when pulling docker image from gcr as secret name gcr-json-key.

kubectl create secret docker-registry gcr-json-key \
	--docker-server=<your-registry-server> \
	--docker-username=<your-name> \
	--docker-password=<your-pword> -\
	-docker-email=<your-email>

The options are:

--<your-registry-server> : FQDN of private docker registry

In the case of gcr, it will be as follows

Example:

kubectl --namespace=$NAMESPACE create secret docker-registry gcr-json-key \
	--docker-server=https://gcr.io \
	--docker-username=_json_key \
	--docker-password="$(cat $PATH_TO_JSON)" \
	--docker-email="$MAIL_ADDRESS" \

Confirmation of created secret

> kubectl get secret --namespace=$NAMESPACE
NAME                  TYPE                                  DATA   AGE
gcr-json-key          kubernetes.io/dockerconfigjson        1      19d

Refer to authentication secret from service account

Register in secret as ImagePullSecret in the default service account.

kubectl --namespace=$NAMESPACE patch serviceaccount default -p '{"imagePullSecrets": [{"name": "gcr-json-key"}]}'

Browse secret from a single pod

Add a secret reference to your yaml file if you only want to use a specific pod

apiVersion: v1
kind: Pod
metadata:
  name: empty-debian
spec:
  containers:
  - name: empty-debian-container
    image: eu.gcr.io/lian-empty-project/empty-debian-container
  imagePullSecrets:
  - name: gcr-secret

Refference

Pull an Image from a Private Registry

Recommended Posts

Get gcr image from local kubernetes
Get "2-4, 7, 9" from [4, 7, 9, 2, 3]
[IOS14] How to get Data type image data directly from PHPickerViewController?
Extract files from Docker Image