Difficulty: 2/5
This exercise will teach you how to use an account to download containers images from your registry.
In this exercise, we will do it for dockerhub.
- A Kubernetes cluster
- A docker account
-
Verify your account with docker cli
Answer
- Launch command
docker login - Answer to username and password requests
- You should be successfully logged in.
- Launch command
-
Create a secret with type
docker-registrywith CLI (look at kubernetes documentation)Answer
- Launch command
kubectl create secret docker-registry <name of your secret> --docker-username=<your-name> --docker-password=<your-pword> -n <your namespace>
- Launch command
-
Inspect YAML code from your secret with
kubectl getcommandAnswer
- Launch command
kubectl get secret <your secret> -n <your namespace> --output=yaml
- Launch command
-
Create a simple manifest to create :
- A pod with image
gautierleblanc/nke-labs:latest - Using your secret for the download from dockerhub registry
Answer
- Create this manifest
apiVersion: v1 kind: Pod metadata: name: my-test spec: containers: - name: private-reg-container image: gautierleblanc/nke-labs:latest imagePullPolicy: Always imagePullSecrets: - name: <your secret>
- Apply it with command
kubectl apply -f <your manifest> -n <your namespace> - Your pod will use your secret to download the image from the registry
- A pod with image
ImagePullSecret is a great way to use authentication on registries. It can be very useful for test, when you use public registries limiting number of anonymous download per IP.