2

I am getting the following error when my pod is deployed and then it tries to pull the image.

Failed to pull image "foyer-api:latest": rpc error: code = Unknown desc = failed to pull and unpack image "docker.io/library/foyer-api:latest": failed to resolve reference "docker.io/library/foyer-api:latest": pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed

Here is the Pod Yaml

apiVersion: v1
kind: Pod
metadata:
  name: foyer-api-test
  labels:
    app: foyer-api-test
spec:
  containers:
    - name: foyer-api
      image: foyer-api:latest
      ports:
       - containerPort: 80
hoque
  • 5,735
  • 1
  • 19
  • 29
Michael McDermott
  • 344
  • 3
  • 6
  • 14

1 Answers1

3

To pull an Image from a Private Registry click here

Basically you need to create a secret using docker credential. For example, using command line

$ kubectl create secret docker-registry regcred --docker-server=<your-registry-server> --docker-username=<your-name> --docker-password=<your-pword> --docker-email=<your-email>

Then use it in imagePullSecrets

apiVersion: v1
kind: Pod
metadata:
  name: foyer-api-test
  labels:
    app: foyer-api-test
spec:
  containers:
  - name: foyer-api
    image: foyer-api:latest
    ports:
    - containerPort: 80
  imagePullSecrets:
  - name: regcred
hoque
  • 5,735
  • 1
  • 19
  • 29
  • Would this work with aws ecr? Do I use my own aws information for this? – Michael McDermott Jun 08 '20 at 18:50
  • yes, will work with ecr, check the https://stackoverflow.com/questions/49654457/how-to-auto-deploy-docker-containers-from-amazon-ecr-to-kubernetes-using-jenkins how to create secret for ecr – hoque Jun 08 '20 at 19:06
  • 1
    I don't think this solution is appropriate for ECR, since you are on EKS (EC2) you can attach a role to pull images from your ECR repository. – Matteo Jul 23 '21 at 07:59