Why pulling private image in Pod is not working in Kubernetes Registry addon?

I am very new to Kubernetes and I setup Kubernetes Registry addons just copy and pasting the yaml from Kubernetes Registry Addon just a small change in ReplicationController with emptyDir

apiVersion: v1
kind: ReplicationController
metadata:
  name: kube-registry-v0
  namespace: kube-system
  labels:
    k8s-app: kube-registry-upstream
    version: v0
    kubernetes.io/cluster-service: "true"
spec:
  replicas: 1
  selector:
    k8s-app: kube-registry-upstream
    version: v0
  template:
    metadata:
      labels:
        k8s-app: kube-registry-upstream
        version: v0
        kubernetes.io/cluster-service: "true"
    spec:
      containers:
      - name: registry
        image: registry:2
        resources:
          limits:
            cpu: 100m
            memory: 100Mi
        env:
        - name: REGISTRY_HTTP_ADDR
          value: :5000
        - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY
          value: /var/lib/registry
        volumeMounts:
        - name: image-store
          mountPath: /var/lib/registry
        ports:
        - containerPort: 5000
          name: registry
          protocol: TCP
      volumes:
       - name: image-store
         emptyDir: {}

Then I forward the 5000 port as follows

  • Docker Registry 2.0 with Amazon S3 and TLS setup
  • Is it possible to have a private/internal docker repository?
  • How is Docker Swarm different than Kubernetes?
  • unable to edit /etc/resolv.conf in docker container
  • org.elasticsearch.client.transport.NoNodeAvailableException: None of the configured nodes are available: []
  • Docker networking: how to show connected containers names
  • $POD=$(kubectl get pods --namespace kube-system -l k8s-app=kube-registry-upstream \
                -o template --template '{{range .items}}{{.metadata.name}} {{.status.phase}}{{"\n"}}{{end}}' \
                | grep Running | head -1 | cut -f1 -d' ')
    
    
    $kubectl port-forward --namespace kube-system $POD 5000:5000 &
    

    I can push my images fine as follows

    $docker tag alpine localhost:5000/nurrony/alpine
    $docker push localhost:5000/nurrony/alpine
    

    Then I write a Pod to test it like below

    Version: v1
    kind: Pod
    metadata:
      name: registry-demo
      labels:
        purpose: registry-demo
    spec:
      containers:
        - name: registry-demo-container
          image: localhost:5000/nurrony/alpine
          command: ["printenv"]
          args: ["HOSTNAME", "KUBERNETES_PORT"]
          env:
          - name: MESSAGE
            value: "hello world"
          command: ["/bin/echo"]
          args: ["$(MESSAGE)"]
    

    It is throwing an error

    Failed to pull image "localhost:5000/nurrony/alpine": image pull failed for localhost:5000/nurrony/alpine:latest, this may be because there are no credentials on this request. details: (net/http: request canceled)
    

    Any idea why is this happening? Thanks in advance.

  • Using docker to run a distributed computation
  • Add external plugin to sonarqube
  • How do I run yesod init from a docker container?
  • Connectivity from microservice on host out of docker-compose network
  • Have created a docker that installs nginx, python, uwsgi and django. How do I test it within a VM?
  • Jenkins,Sonar in single docker container
  • One Solution collect form web for “Why pulling private image in Pod is not working in Kubernetes Registry addon?”

    The pod will have its own network and localhost refers to the local network. You can use kubectl describe to see which IP was allocated for the POD.


    kubectl describe pods registry-demo | grep "IP:"
    ...
    IP: 10.244.1.8

    As your forwarding the port to your master you could use the kubernetes IP of your agent/master instead of localhost.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.