-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to provide an image pull secret when using "--image-repository" with an internal registry that does not allow anonymous pull requests? #10019
Comments
good idea, I would like to fully support this and possibly add integraiton test for it, there is a WIP PR for making addons possible with custom image. |
that is a good point, do u know if other simmilar tools using a specific tool that minikube could take advantage of ? |
Forour own product deployment (in an already running cluster) we simply provide allow to provide the registry creds, which go into a secret passed to all pods as an image pull secret. But from my understanding, since we are in the process of bootstrapping the cluster, this probably has to be an "out of band" mechanism. |
Yeah we don't currently support doing this with an arbitrary registry other than just running some sort of kubectl apply once all the pods are up. The way it works for the registry-creds addon is that there is a webhook that supplies the image pull secret to all service accounts as they get created. Adding that as a step to a deployment shouldn't be too difficult. We would also absolutely accept any PR that adds this feature directly into minikube as an addon. |
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-contributor-experience at kubernetes/community. |
Stale issues rot after 30d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-contributor-experience at kubernetes/community. |
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle rotten |
Freezing this as this is definitely a feature we would accept a PR for. |
After a bit of a hiatus, I have been revisiting the whole topic of running minikube from purely local sources (i.e., any images should come from our own private registry). I revisted the issue #8298 that I created in June. The first problem I am running into is that our internal registry does not support anonymous pull access.
In the above mentioned issue, @tstromberg mentioned two sources on how to provide a pull secret - but all of the already require a running cluster, as they both boil down to enabling the registry-creds plugin:
But at that point all the infrastructure images would already have to be there, no?
Further, this add-on only allows me to specify creds for ECR, GCR, Dockerhub or ACR - what about my own registry?
The text was updated successfully, but these errors were encountered: