How to pass image pull secret while using 'kubectl run' command?

后端 未结 7 789
梦谈多话
梦谈多话 2020-12-24 11:16

I am trying to use kubectl run command to pull an image from private registry and run a command from that. But I don\'t see an option to specify image pull secret. It looks

相关标签:
7条回答
  • 2020-12-24 11:47

    You could create the docker-registry secret as described at @MarkO'Connor's link, then add it to the default ServiceAccount. It's the SA that acts on the behalf of pods, including pulling their images.

    From Adding ImagePullSecrets to a service account:

    $ kubectl create secret docker-registry myregistrykey --docker-username=janedoe --docker-password=●●●●●●●●●●● --docker-email=jdoe@example.com
    secret "myregistrykey" created
    
    $ kubectl get serviceaccounts default -o yaml > ./sa.yaml
    
    $ cat sa.yaml
    apiVersion: v1
    kind: ServiceAccount
    metadata:
      creationTimestamp: 2015-08-07T22:02:39Z
      name: default
      namespace: default
      resourceVersion: "243024"
      selfLink: /api/v1/namespaces/default/serviceaccounts/default
      uid: 052fb0f4-3d50-11e5-b066-42010af0d7b6
    secrets:
    - name: default-token-uudge
    
    $ vi sa.yaml
    [editor session not shown]
    [delete line with key "resourceVersion"]
    [add lines with "imagePullSecret:"]
    
    $ cat sa.yaml
    apiVersion: v1
    kind: ServiceAccount
    metadata:
      creationTimestamp: 2015-08-07T22:02:39Z
      name: default
      namespace: default
      selfLink: /api/v1/namespaces/default/serviceaccounts/default
      uid: 052fb0f4-3d50-11e5-b066-42010af0d7b6
    secrets:
    - name: default-token-uudge
    imagePullSecrets:
    - name: myregistrykey
    
    $ kubectl replace serviceaccount default -f ./sa.yaml
    

    Now, any new pods created in the current namespace will have this added to their spec:

    spec:
      imagePullSecrets:
      - name: myregistrykey
    
    0 讨论(0)
提交回复
热议问题