GithubHelp home page GithubHelp logo

kizotheitguy / docker-credential-aks-cluster Goto Github PK

View Code? Open in Web Editor NEW
1.0 1.0 2.0 2 KB

aks-kubernetes-cluster azure-container-registry kubernetes-secrets bash-script azure docker-image secret aks

docker-credential-aks-cluster's Introduction

Docker-Credential-AKS-Cluster

Creating Docker credentials for Azure Kubernetes Service Cluster

This document is a method to resolving Kubernetes deployment with docker image pull request error sometimes encountered from Azure Container Registry (Azure ACR) or other private image registry.

Requirements

az login --service-principal -u $AZURE_SERVICEPRINCIPAL -p $AZURE_PASSWORD --tenant $AZURE_AD_TENANT
az account set --subscription $AZURE_SUBSCRIPTION
az aks install-cli
az aks get-credentials -g myResourceGroup -n myClusterName

Create the secrets in the Kubernetes cluster

kubectl create secret docker-registry mysecrets \
  --docker-server=$CONTAINER_REG_NAME.azurecr.io \
	--docker-username=$DOCKER_ADMIN \
	--docker-password=$DOCKER_PASS \
	--docker-email=$DOCKER_EMAIL

Run the command to get the secrets created

kubectl get secret mysecrets -o yaml

The file will look like this

apiVersion: v1
data:
  .dockercfg: <<some key values>>
kind: Secret
metadata:
  creationTimestamp: <<>A Time Stamp>
  name: mysecrets
  namespace: default
  resourceVersion: "123456"
  selfLink: /api/v1/namespaces/default/secrets/mysecrets
  uid: xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx
type: kubernetes.io/dockercfg

Export the mysecrets to a file

kubectl get secret mySecrets -o yaml > mySecrets.yml

Then replace "dockercfg" with "dockerconfigjson"

sed -i 's/dockercfg/dockerconfigjson/g' mySecrets.yml

Delete and recreate the secrets with the .yml file

kubectl delete secret mySecrets
kubectl apply -f mySecrets.yml

If you run the command "kubectl get secret mySecrets -o yaml" again you will find that the file now looks different

You can now add the secrets name to your object file

kind: Deployment
metadata:
  name: myApp
spec:
  template:
    metadata:
      labels:
        app: Prod
    spec:
      containers:
      - name: myApp
        image: myPrivateRegistry/myCustomImage:lates
		imagePullPolicy: Always
        ports:
        - containerPort: 80
	  imagePullSecrets:
      - name: mySecrets

Automate the Step

Here is a simple bash script to automate the process mentioned above.

#!/bin/bash
set -euo pipefail
IFS=$'\n\t'


echo "Logon to Azure Portal"
az login --service-principal -u $AZURE_SERVICEPRINCIPAL -p $AZURE_PASSWORD --tenant $AZURE_AD_TENANT
az account set --subscription $AZURE_SUBSCRIPTION
az aks install-cli
az aks get-credentials -g myResourceGroup -n myClusterName

echo "Creating Initial Docker ImagePullSecret"
kubectl create secret docker-registry $K8s_SECRET_NAME \
    --docker-server=$CONTAINER_REG_NAME.azurecr.io \
	--docker-username=$DOCKER_ADMIN \
	--docker-password=$DOCKER_PASS \
	--docker-email=$DOCKER_EMAIL

echo "Get Docker ImagePullSecret file"
kubectl get secret $K8s_SECRET_NAME -o yaml > $K8s_SECRET_NAME.yml

echo "Editing Docker ImagePullSecret file"
sed -i 's/dockercfg/dockerconfigjson/g' $K8s_SECRET_NAME.yml

echo "Deleting Docker Credentials in Kube-system"
kubectl delete secret $K8s_SECRET_NAME

echo "Creating New Docker ImagePullSecret"
kubectl apply -f $K8s_SECRET_NAME.yml

kubectl get secret $CONTAINER_REG_NAME

docker-credential-aks-cluster's People

Contributors

kizotheitguy avatar

Stargazers

avatar

Watchers

avatar

Forkers

tayoa vansickle

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.