this is probably fairly simple, but I'm kind of lost here so any help would be appreciated.
I followed the instructions to set up a private docker registry over here: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
The instructions worked, and the following deployment of a pod worked from the repo:
apiVersion: v1 kind: Pod metadata: name: private-reg spec: containers: - name: private-reg-container image: esrhost/node-hello imagePullSecrets: - name: regcred Now, when I try to replicate this in a Helm chart, I'm getting the following error:
me@me:~/projects/helm-test/init-test$ helm install --name node-hello . --set service.type=NodePort Error: release node-hello failed: Deployment in version "v1beta2" cannot be handled as a Deployment: v1beta2.Deployment: Spec: v1beta2.DeploymentSpec: Template: v1.PodTemplateSpec: Spec: v1.PodSpec: ImagePullSecrets: []v1.LocalObjectReference: readObjectStart: expect { or n, parsing 696 ...ecrets":["... at {"apiVersion":"apps/v1beta2","kind":"Deployment","metadata":{"labels":{"app":"init-test","chart":"init-test-0.1.0","heritage":"Tiller","release":"node-hello"},"name":"node-hello-init-test","namespace":"default"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"init-test","release":"node-hello"}},"template":{"metadata":{"labels":{"app":"init-test","release":"node-hello"}},"spec":{"containers":[{"image":"esrhost/node-hello:stable","imagePullPolicy":null,"livenessProbe":{"httpGet":{"path":"/","port":"http"}},"name":"init-test","ports":[{"containerPort":8080,"name":"http","protocol":"TCP"}],"readinessProbe":{"httpGet":{"path":"/","port":"http"}},"resources":null}],"imagePullSecrets":["regcred {}"]}}}} The issue is definitely with imagePullSecrets.
My values.yaml is the following:
replicaCount: 1 image: repository: esrhost/node-hello tag: stable pullpolicy: ifnotpresent # .Values.image.repoSecret repoSecret: regcred service: type: ClusterIP port: 8080 ingress: enabled: false annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" path: / hosts: - chart-example.local tls: [] # - secretName: chart-example-tls # hosts: # - chart-example.local resources: {} nodeSelector: {} tolerations: [] affinity: {} Basically the only non-default thing I have is my repository, and the repoSecret variable which I'm using in the following template deployment.yaml file:
apiVersion: apps/v1beta2 kind: Deployment metadata: name: {{ template "init-test.fullname" . }} labels: app: {{ template "init-test.name" . }} chart: {{ template "init-test.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: replicas: {{ .Values.replicaCount }} selector: matchLabels: app: {{ template "init-test.name" . }} release: {{ .Release.Name }} template: metadata: labels: app: {{ template "init-test.name" . }} release: {{ .Release.Name }} spec: containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} ports: - name: http containerPort: 8080 protocol: TCP livenessProbe: httpGet: path: / port: http readinessProbe: httpGet: path: / port: http resources: imagePullSecrets: - {{ .Values.image.repoSecret }} {{ toYaml .Values.resources | indent 12 }} {{- with .Values.nodeSelector }} nodeSelector: {{ toYaml . | indent 8 }} {{- end }} {{- with .Values.affinity }} affinity: {{ toYaml . | indent 8 }} {{- end }} {{- with .Values.tolerations }} tolerations: {{ toYaml . | indent 8 }} {{- end }} As you can see I've added spec->template->spec->imagePullSecrets and assigned the .Values.image.repoSecret variable.
I cannot for the life of me figure out what is causing this error. As far as I'm aware secrets are being propagated from deployments to pods, so it shouldn't make a difference that I've assigned it there.
TL;DR - Added a docker registry to K8s - works with kubectl. Added the same to a default nginx Helm chart - doesn't work. Confuse.
