How pull image from GCP Artifact Registry in k8s deployment.yaml?-CodePudding

Dou you know how to pull image from GCP Artifact Registry in k8s deployment.yaml?

CodePudding user response：

pass the gcp artifact repo link like a usual docker repo link, example

gcr.io/obi-wan416/volt-source:voltactivedata-client

repo:imagename:imagetag

CodePudding user response：

If your Kubernetes cluster is on GKE, then give the appropriate permissions to the Service account used by the cluster so that I can pull the images.

In the image field of your deployment YAML, provide the Image location which is basically

HOSTNAME/PROJECT-ID/TARGET-IMAGE:TAG

Hostname can be one of - gcr.io, us.gcr.io, eu.gcr.io, asia.gcr.io based on you location. Check https://cloud.google.com/container-registry/docs/pushing-and-pulling#tag

If your cluster is out of Google Cloud, you'll need to set imagePullSecrets i.e. :

Create a service account key, with JSON credentials, from your Google Cloud Console, navigate to APIs and Services -> Credentials and create a new Service account key (Give the appropriate Role)
Use this command to tell Kubernetes to use the JSON credentials when pulling images:

kubectl -n=NAMESPACE_NAME create secret docker-registry SECRET_NAME
--docker-server HOST_NAME
--docker-username _json_key
--docker-email ANY_VALID_EMAIL
--docker-password="$(cat ~/key.json)"
Now either add the secrets to your YAML or the default service account used by k8s

To add to default account:

kubectl patch serviceaccount default \
-p '{"imagePullSecrets": [{"name": "SECRET_NAME"}]}'

OR add to your YAML

.
.
spec:
 containers:
   - name: my-container
     image: IMAGE_LOCATION
 imagePullSecrets:
   - name: SECRET_NAME
.