Why pulling private image in Pod is not working in Kubernetes Registry addon?

I am very new to Kubernetes and I setup Kubernetes Registry addons just copy and pasting the yaml from Kubernetes Registry Addon just a small change in ReplicationController with emptyDir

apiVersion: v1
kind: ReplicationController
metadata:
  name: kube-registry-v0
  namespace: kube-system
  labels:
    k8s-app: kube-registry-upstream
    version: v0
    kubernetes.io/cluster-service: "true"
spec:
  replicas: 1
  selector:
    k8s-app: kube-registry-upstream
    version: v0
  template:
    metadata:
      labels:
        k8s-app: kube-registry-upstream
        version: v0
        kubernetes.io/cluster-service: "true"
    spec:
      containers:
      - name: registry
        image: registry:2
        resources:
          limits:
            cpu: 100m
            memory: 100Mi
        env:
        - name: REGISTRY_HTTP_ADDR
          value: :5000
        - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY
          value: /var/lib/registry
        volumeMounts:
        - name: image-store
          mountPath: /var/lib/registry
        ports:
        - containerPort: 5000
          name: registry
          protocol: TCP
      volumes:
       - name: image-store
         emptyDir: {}

Then I forward the 5000 port as follows

  • Docker cloud service link for Ruby on Rails application
  • Installing an application into a docker containers through SSH
  • AWS container service: set max_map_count
  • Understanding a complex docker command
  • Why do I get an error when I want to run cv2.imshow within docker container
  • How to send log from Vagrant server to Graylog server
  • $POD=$(kubectl get pods --namespace kube-system -l k8s-app=kube-registry-upstream \
                -o template --template '{{range .items}}{{.metadata.name}} {{.status.phase}}{{"\n"}}{{end}}' \
                | grep Running | head -1 | cut -f1 -d' ')
    
    
    $kubectl port-forward --namespace kube-system $POD 5000:5000 &
    

    I can push my images fine as follows

    $docker tag alpine localhost:5000/nurrony/alpine
    $docker push localhost:5000/nurrony/alpine
    

    Then I write a Pod to test it like below

    Version: v1
    kind: Pod
    metadata:
      name: registry-demo
      labels:
        purpose: registry-demo
    spec:
      containers:
        - name: registry-demo-container
          image: localhost:5000/nurrony/alpine
          command: ["printenv"]
          args: ["HOSTNAME", "KUBERNETES_PORT"]
          env:
          - name: MESSAGE
            value: "hello world"
          command: ["/bin/echo"]
          args: ["$(MESSAGE)"]
    

    It is throwing an error

    Failed to pull image "localhost:5000/nurrony/alpine": image pull failed for localhost:5000/nurrony/alpine:latest, this may be because there are no credentials on this request. details: (net/http: request canceled)
    

    Any idea why is this happening? Thanks in advance.

  • Using the Docker REST API to run a container with parameters
  • How to configure gitlab for gradle multimodule project
  • s3 mounted inside the container. how to expose it to the host?
  • Docker-machine and Openstack / SSH
  • Docker not hosting anything on the port it says it is, what's going on?
  • how to tag image in docker registry v2
  • One Solution collect form web for “Why pulling private image in Pod is not working in Kubernetes Registry addon?”

    The pod will have its own network and localhost refers to the local network. You can use kubectl describe to see which IP was allocated for the POD.


    kubectl describe pods registry-demo | grep "IP:"
    ...
    IP: 10.244.1.8

    As your forwarding the port to your master you could use the kubernetes IP of your agent/master instead of localhost.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.