In order to deploy an image into Kubernetes, the image must be available in a registry. I’m very much in the learning & experimenting phase of my Kubernetes journey, and I find myself using Docker Hub private registries for a lot of things. After using
docker login I can
docker push &
docker pull images from a private registry just by naming them correctly with my Docker ID e.g.
kubectl doesn’t automatically inherit this knowledge and access, so what must be done to enable deployment of a locally-developed image into a locally-runing cluster? Let’s take a look!
The first thing we need to do is authenticate to the registry, which we can do using
docker login. This will prompt for credentials and store an authorization token in
~/.docker/config.json. The lines below demonstrate how to do this and view the result.
docker login cat ~/.docker/config.json
In order to make the authentication token accessible to the Kubernetes cluster, we can use Secrets. The following commands can be used to copy the credential from the Docker
config.json into a Secret named
regcred and inspect the result.
kubectl create secret generic regcred \ --from-file=.dockerconfigjson=<path/to/.docker/config.json> \ --type=kubernetes.io/dockerconfigjson kubectl get secret regcred --output=yaml
Next, we’ll create a Deployment that includes our Secret. Create a new file
my-app-deployment.yaml with the following contents:
apiVersion: apps/v1 kind: Deployment metadata: name: my-app-deployment spec: replicas: 1 selector: matchLabels: app: my-app template: metadata: labels: app: my-app spec: containers: - name: my-app image: <my-docker-id>/my-app:latest ports: - containerPort: 80 imagePullSecrets: - name: regcred
And we’ll need to expose the deployment with a Service, so create another file
my-app-service.yaml with this for its contents:
apiVersion: v1 kind: Service metadata: name: my-app-svc labels: app: my-app spec: type: NodePort ports: - port: 80 nodePort: 30080 selector: app: my-app
Now we use these files to create the Deployment and Service in Kubernetes:
kubectl create -f my-app-deployment.yaml kubectl create -f my-app-service.yaml
That should do the trick. You can inspect the Deployment and Service using
kubectl get pods and
kubectl describe service my-app-service respectively. Assuming everything deployed correctly, you should be able to access your app at