gitlab-registry-kubernetes-secrets-howto icon indicating copy to clipboard operation
gitlab-registry-kubernetes-secrets-howto copied to clipboard

Published 20 hours ago verified publisher icon jugatsu

Metadata

How to use Gitlab Container Registry with Kubernetes.

Description

Copy-Paste Ready™ how-to for using private Gitlab Container Registry with Kubernetes.

ref: https://gist.github.com/rkuzsma/b9a0e342c56479f5e58d654b1341f01e

Copy and edit example env file accordingly

cp dockercfg.env.example dockercfg.env

Export variables from dockercfg.env

eval $(cat dockercfg.env)

Export additional variables

export REGISTRY_NAME=`echo $DOCKER_REGISTRY_SERVER | sed -e 's/^http:\/\///g' -e 's/^https:\/\///g'`
export DOCKER_IMAGE_FULL_PATH=$REGISTRY_NAME/$DOCKER_IMAGE_PATH

Create secret in the Kubernetes Cluster

kubectl create secret docker-registry gitlab-registry \
  --docker-server=$DOCKER_REGISTRY_SERVER \
  --docker-username=$DOCKER_USER \
  --docker-password=$DOCKER_PASSWORD \
  --docker-email=$DOCKER_EMAIL

Test

cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Pod
metadata:
  name: foo
spec:
  containers:
    - name: foo
      image: $DOCKER_IMAGE_FULL_PATH
      imagePullPolicy: Always
  imagePullSecrets:
    - name: gitlab-registry
EOF

Check if the image was pulled successfully

kubectl describe po/foo | grep -i pull

Cleanup

Remove pod

kubectl delete po/foo

Remove file with environment variables

rm dockercfg.env

Unset environment variables

unset DOCKER_REGISTRY_SERVER
unset DOCKER_USER
unset DOCKER_EMAIL
unset DOCKER_PASSWORD
unset DOCKER_IMAGE_PATH
unset REGISTRY_NAME
unset DOCKER_IMAGE_FULL_PATH

✅ Sharing the secret across multiple Kubernetes namespaces 🎉

export NAMESPACE=gitlab
kubectl get secret gitlab-registry -o yaml \
  | sed "s/default/$NAMESPACE/g" \
  | kubectl -n $NAMESPACE create -f -

Metadata

32
Stars
9
Forks
Watchers

Owner

verified publisher icon jugatsu

Metadata

How to use Gitlab Container Registry with Kubernetes.

Back