Kubernetes pods can't pull images from container registry (gcp)

Question

I want to update my deployment on kubernetes with a new image which exists on \'eu.gcr.io\' (same project), I have done this before. But now the pods fail to pull the image beca

Answer 1

You will need to create a docker-registry secret and use imagePullSecrets in you pod definition:

kubectl create secret docker-registry regcred --docker-server=<your-registry-server> --docker-username=<your-name> --docker-password=<your-pword> --docker-email=<your-email>

apiVersion: v1
kind: Pod
metadata:
  name: private-reg
spec:
  containers:
  - name: private-reg-container
    image: <your-private-image>
  imagePullSecrets:
  - name: regcred

see this guide for more information

Answer 2

According to your desciption

I just found out that I can still pull and deploy older images. But every new image I build cannot be pulled by the kubernetes pods.

I assume you can pull docker image by command, but not kubectl.

docker pull eu.gcr.io/my-gcp-project/my-image:v1.009 

So reference by this article Using Google Container Registry with Kubernetes, the authenication is differnet between pull docker image by docker pull and kubectl .

Did you give access token to GKE?

kubectl create secret docker-registry gcr-access-token \
--docker-server=eu.gcr.io \
--docker-username=oauth2accesstoken \
--docker-password="$(gcloud auth print-access-token)" \
--docker-email=any@valid.email