This document describes how to pull images from a private repository when deploying Kubernetes resources.
Prerequisites
You must activate the CODING DevOps service for your Tencent Cloud account before you can use Coding Continuous Deployment (CD).
Open Project
1. Log in to the CODING console and click the team domain name to enter the CODING page.
2. On the Workspace homepage, click on the left to go to the Continuous Deployment console. Feature Overview
When deploying Kubernetes resources, if the images referenced by manifest are stored in a private repository, you need to configure imagePullSecrets
in manifest to pull the images.
The following describes how to configure imagePullSecrets
for different types of cloud accounts:
Tencent Cloud TKE
As shown above, CODING-CD generates a Secret named coding-registry-cred-$(user_id)
in the TKE cluster. You can view the Secret information in the TKE console:
After a cloud account is added, you can view the sample usage:
Kubernetes cloud accounts (non-TKE cluster)
For a Kubernetes cloud account added with Kubeconfig or Service Account credentials, you need to create a Secret in the Kubernetes cluster before manifest can reference images from a private repository (CODING artifact repository is taken as an example here):
If you directly reference images from the private repository in mainfest without generating a Secret in the cluster, the operation will fail. kubectl create secret docker-registry coding-regcred \\
--docker-server=Your team domain --docker-username=Your email --docker-password=$(passwd)
After a Secret is generated, use imagePullSecrets
in manifest to configure the Secret for pulling images (the last two lines).
apiVersion: apps/v1
kind: Deployment
...
spec:
containers:
- name: nginx
image: nginx:1.14.2
ports:
- containerPort: 80
imagePullSecrets:
- name: coding-regcred
Kubernetes cloud accounts (TKE cluster)
If you add a TKE cluster cloud account using a Kubeconfig or Service Account, you can directly create a Secret on the TKE console. Go to the cluster Information page, and select Configuration Management > Secret > New:
Fill in the form as follows:
Similarly, after a Secret is generated, use imagePullSecrets
in manifest to configure the secret for pulling images (the last two lines).
apiVersion: apps/v1
kind: Deployment
...
spec:
containers:
- name: nginx
image: nginx:1.14.2
ports:
- containerPort: 80
imagePullSecrets:
- name: coding-regcred
Was this page helpful?