► CLI Commands and YAML Files for this video: gitlab.com/nanuchi/kubernetes-tutorial-series-youtube/-/tree/master/pull-images-from-private-reporsitory-in-k8s ► Demo Nodejs app: gitlab.com/nanuchi/techworld-js-docker-demo-app ▬▬▬▬▬▬ T I M E S T A M P S 0:00 - Intro - common workflow 1:11 - Steps to pull image from private registry 1:40 - Environment Setup: Private Registry, Application, Minikube 2:42 - Login to AWS Container Repository | docker login and create docker config.json file 8:20 - Create Secret component 15:45 - Configure Deployment component 20:51 - Summary 👉🏼 For any questions/issues/feedback, please leave me a comment and I will get back to you as soon as possible. Please don't forget to subscribe and give me a thumbs up if you liked my video 😊🙏

Nana, just to let you know: I was facing an issue when trying to pull a image from a private dockerhub repo. I did this in an Openshift 4.3 cluster (not mine, it is a private cluster from the company I work for) exactly how you showed in the video and it works fine! Fun fact: I found your video without even looking for it haha. I'm already subscribed, I won't dare to miss a video from now on!

You are my inspiration. My idol in women in tech. Your dedication motivates me and help me work even harder towards my goal. Thanks for being the way you are and Ganesha bless you to inspire many more knowledge seeker like me!

Hello, this video helps me to work on a project of my company, which I spent days of difficulty creating alone, thanks for sharing your knowledge!

Hi Nana, keep up the good work. Your explanation about k8s is the most understandable that I can found on youtube. Thanks ya.

thank you for this video, it helped me a lot with some errors i had and was unable to fix them till i watched and followed your instructions. Thank you again.

I merged this with Ansible and it worked like a charm! Thank you for saving my week!

You are amazing! thanks to this video I was able to make the gitlab private registry work with the config.json method. Thank you

Hi Nana, I have been following your video series. I must say you explain concepts with great ease. It gets in the head very easily. Keep up the good work!! Can you also upload a video explaining various service types and their use-cases? and also how to secure and monitor K8S cluster.. I'll be waiting for it:) Thanks Nana in advance. Keep posting new videos:)

Nice one nana another top delivery from you as always, please would love to see you do videos on how to ensure security of containerized apps in kubernetes and how to optimized kubernetes cluster operations, thanks please keep up the good work

This is the video I was looking for to create secret in Openshift

Just as a short feedback: really enjoyed, handy, well done! (like always)

your videos are awesome...!!!! keep doing the good work .......please add some more videos on kubernetes

Continue to be that wonderful person. Thank you very much for sharing the knowledge :D

Your videos really help! Thanks Nana

Thanks a lot for sharing your valuable knowledge 🙏

Thank you Nana that was really very helpful.

Been waiting for this..Thank you

Thanks for the great video! This does seem like an overly complicated process in general. But thank you for making this.

The dockerconfigjson expires every 12 hours, how should we make changes in the secrets so that the we can create deployment without making any changes?

Very nice explaination thank you so much.please make and upload videos on statefulsets, service discovery and pod security policy.

Thanks for a great video nice explain thankyou for this vedio

What a great explanation, subscribed already!!

Thank you very much )). Very clear

Hi Nana,your videos are great and easy to follow. Is there any video on how to deploy mongoDB statefulset ?

Thanks.. Clear explanation

I don't really understand the reason why you need to transfer your config file from the Minikube environment to your host. I see that you want to use kubectl in the host to create the secret and for that you need the access token. Isn't there a way to make "docker login" to generate your access token in plain text in your local environment though (or even make the creation of the secret reference the credentials storage in your OS)?

For the example implementation, is the secret static to connect to the ecr?

instead of pull, can we make a push? basically automatic deployment on code push. is it good practice? if yes, then how to trigger k8 for pull? My guess: runner script should login in k8 and perform apply command. Nana, what you think?

i love your tutorials!

Damn your videos are just ... sooo good! One question: how detailed would you recommend software developers to learn this? Im very very interested in DevOps but for me personally i dont get to use it as much as i would love to. And when I do, i just look the necessary stuff up over night! Any recommendations? I love Kubernetes, but for personal projects, its way too much ... always using compose ._.

Thank you for this amazing video

You know that you are the light in the dark!

can you just provide one docker credential in the secret and apply it to multiple clusters (EKS) and regions? Is there rate limit for docker login as well?

What about local docker registry on your local machine. I mean if you spin up a registry:2 container for example that will act as your private local registry. The same steps apply? Thanks

Hi Nana I need your help in helm charts. In file job.yaml, the first line is {{- $root := . -}}. The := is assignment operator but what does . - after assignment operator means? and whats its use in image: {{ $root.Values.repository }}/nginx:{{ $root.Values.tag }}. Why we taking $root variable?

Hey Nana, I'm trying to deploy my image using k8s which tries to pull image from nexus private repo but on deployment i get an error ImagePullBackOff server gave http response to https client. Please help

Thanks for the tutorial. I have a local private Docker repo that is not running on https. How can I make it work for http Docker? Kube automatically looks for https.

Hi, what if i modify the image and pushed into container registry again with the same tag,after that if i need to deploy that image to the cluster what needs to do

This was great help!

Love you Nana :)

this is way more complex that I tought

Hi Nana, I have a application which is provided by my client and that has to go through K8S using Helm Upgrade and install command . but i am facing some issues. can you show us one demo with Helm 2 or 3 for deploying any private application into K8S , first i want to do it by manually using helm and after wards we want to go through gitlab registry. so if possible show us how to do it from gitlab also.

Thanks for sharing

thank ms Nana for the great videos , I have a question , did you say that you 'll make a videos in AWS ?! , it gonna be awesome ,I can't wait , thank you

Hello. How will I make Kubernetes automatically pull an image from the private repository if there has been a new image available? 😊 thanks in advance.

Big fan of your channel and I recommend it to everyone. Your instructions for this are good, but how does this all change when not using Docker for the runtime (the supported containerd for example)? I've been having a heck of a time trying to find comparable instructions for ECR and containerd.

Brilliant content 👌🏻

Amazing content as always. How do you deal with the case that the ECR logging typically expires after N hours. What’s the recommended practice in that case. Run a cron to update the configmap?

Hi Nana, I really like your videos, thanks for making it. I have a question, in some tutorials, a new service account is always created for each deployment, why should that be? and what service account for in that case ? thank you :)

I am getting an error in k8s cluster saying the "Container image "image/name:v1" already present on machine. How can I delete that image ?

I have a issue... I have three Ubuntu servers and I have 12 microservices. One server I created 4 services. One server one compose I configured four services.. I run I'm able register eureka all servixes... Zull gateway I can able to access fst servers but remaining I'm not able to access based on serviceId... Can I tell me where I done mistake

Hello @nana, can i download a images from one private docker registry as tar bundle and push it to another private registry with rest api or curl ? can you pls support here

I did same with you but it didn’t work well :( Secrets and pods are in the same namespace and I wrote imagePullSecrets as well. And each node ( master, worker nodes ) can pull and push images from private registry. But it didn’t work well when i tried to make k8s components like pods Any ideas ?

Can we assign one secret for pulling images in all namesapces ?

Hey Nana, I've been watching your videos on kubernetes and those are very informative and understandable ones. Actually i am learning kubernetes to integrate spark on kubernetes. I found few articles on the internet but those weren't that helpful and full of errors. Could you please prepare a demo regarding how to deploy spark image on kubernetes? Its a humble request.. Thank you. Love from india 🇮🇳❤️❤️🙂

how to configure certificates in minikube x509: certificate signed by unknown authority

i did exactly the same and i'm getting this error when i describe the pod: Failed to pull image "registry.gitlab.com/###/###:master": rpc error: code = Unknown desc = Error response from daemon: Get registry.gitlab.com/......" denied: access forbidden i created a GitLab "Deploy token" then created a Secret using your 2nd method (one line way.) , when i use same token in simple Minkube's docker login , i m able to pull the image normally. but when i use kubectl, it's not able to pull it and getting "access forbidden" error. Ps: everything in same namespace

Nice subscribed

Thank you.

Is this somehow the command is changed. I couldn't find the "get-login" from ecr command, just get-login-password.

Thanks

repository does not exist or may require 'docker login': denied: Your authorization token has expired. Reauthenticate and try again.

Please can you make videos on harbor?

Please make video to upgrade certificate in k8s cluster

Does the login password have a TTL?

And with Podman?

Hi Nana, Excellent tutorials. Thank you. I've created a Private Registry for my local development using Docker's Image : "docker run -d -p 5000:5000 --restart=always --name registry registry:2" I did not create TLS or UserName/Pwdd for this. After creating an Image, I am able to push/pull from this Registry using cmd-line. However, when trying using a Deployment.yaml into minikube, the Pods are not getting created. and I get this error: Failed to pull image "": rpc error: code = Unknown desc = Error response from daemon: Get /v2/: http: server gave HTTP response to HTTPS client Do I have to create TLC and Username/Pwd for this to work ? Thanks.

Hello Nana, How Kubernetes pull the images from private local docker registry. Could please comment on the same how can we achieve this using private local docker registry in Kubernetes cluster. Link for setting up private registry: docs.docker.com/registry/ NOTE: Not on Mimikube

Can you show me how to pull from gitlab ?

Little bit confusing Nana..

I am stucked at minute 7:26 when you run the docker login command from within Minikube (after you do minikube ssh). I am not using an AWS registry but rather a Nexus OSS in my host machine on port 8082. When I run the docker login command from within minikube as follows: docker login host.minikube.internal:8082 hit enter and in the prompt for user name and password I enter those I get the following error: Error response from daemon: Get "host.minikube.internal:8082/v2/": http server gave http response to HTTPS client. I have tried starting my minikube with (and different version of that with in front): minikube start --driver=docker --insecure-registry=host.minikube.internal:8082 and I still get the same error. It is really frustrating. Anyone know how do I get passed that?