Skip to content

Examples

Jump to bottom
vaggeliskls edited this page Jun 15, 2024 · 6 revisions

AWS ECR Example (Existing Secret)

  1. Create a secret that contains the registry AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY 
apiVersion: v1
kind: Secret
metadata:
  name: global-secret
data:
  REGISTRY_USERNAME: dmFsdWUtMg0KDQo=
  REGISTRY_PASSWORD: dmFsdWUtMg0KDQo=
  1. Make use of k8s-registry-auth chart to create a secret that is going to be used from our resources
helm upgrade --install k8s-registry-auth oci://registry-1.docker.io/vaggeliskls/k8s-registry-auth  --set registry=123456789123.dkr.ecr.region.amazonaws.com --set awsEcr.enabled=true --set secretConfigName=global-secret

That helm chart will create by default a secret called registry-auth-credentials. That secret will be updated every 8 hours.

  1. Deploy your resources using the previously created secret. That secret will make the image that the pod uses to be authenticated. Pod example:
apiVersion: v1
kind: Pod
metadata:
  name: my-app
spec:
  containers:
  - name: my-app
    image: 123456789123.dkr.ecr.region.amazonaws.com/image:test
  imagePullSecrets:
  - name: registry-auth-credentials

AWS ECR Example (Static Credentials)

  1. Make use of k8s-registry-auth chart to create a secret that is going to be used from our resources
helm upgrade --install k8s-registry-auth oci://registry-1.docker.io/vaggeliskls/k8s-registry-auth  --set registry=123456789123.dkr.ecr.region.amazonaws.com --set awsEcr.enabled=true --set registryUsername=username --set registryPassword=password

That helm chart will create by default a secret called registry-auth-credentials. That secret will be updated every 8 hours.

  1. Deploy your resources using the previously created secret. That secret will make the image that the pod uses to be authenticated. Pod example:
apiVersion: v1
kind: Pod
metadata:
  name: my-app
spec:
  containers:
  - name: my-app
    image: 123456789123.dkr.ecr.region.amazonaws.com/image:test
  imagePullSecrets:
  - name: registry-auth-credentials

Docker Example (Existing Secret)

  1. Create a secret that contains the registry Username and Password 
apiVersion: v1
kind: Secret
metadata:
  name: global-secret
data:
  REGISTRY_USERNAME: dmFsdWUtMg0KDQo=
  REGISTRY_PASSWORD: dmFsdWUtMg0KDQo=
  1. Make use of k8s-registry-auth chart to create a secret that is going to be used from our resources
helm upgrade --install k8s-registry-auth oci://registry-1.docker.io/vaggeliskls/k8s-registry-auth  --set registry=myprivateregistry.com --set docker.enabled=true --set secretConfigName=global-secret

That helm chart will create by default a secret called registry-auth-credentials.

  1. Deploy your resources using the previously created secret. That secret will make the image that the pod uses to be authenticated. Pod example:
apiVersion: v1
kind: Pod
metadata:
  name: my-app
spec:
  containers:
  - name: my-app
    image: myprivateregistry.com/image:test
  imagePullSecrets:
  - name: registry-auth-credentials

Docker Example (Static Credentials)

  1. Make use of k8s-registry-auth chart to create a secret that is going to be used from our resources
helm upgrade --install k8s-registry-auth oci://registry-1.docker.io/vaggeliskls/k8s-registry-auth --set registry=myprivateregistry.com --set docker.enabled=true --set registryUsername=username --set registryPassword=password

That helm chart will create by default a secret called registry-auth-credentials.

  1. Deploy your resources using the previously created secret. That secret will make the image that the pod uses to be authenticated. Pod example:
apiVersion: v1
kind: Pod
metadata:
  name: my-app
spec:
  containers:
  - name: my-app
    image: myprivateregistry.com/image:test
  imagePullSecrets:
  - name: registry-auth-credentials

Use local values.yaml

  1. Create a secret that contains the registry AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY 
apiVersion: v1
kind: Secret
metadata:
  name: global-secret
data:
  REGISTRY_USERNAME: dmFsdWUtMg0KDQo=
  REGISTRY_PASSWORD: dmFsdWUtMg0KDQo=
  1. Create your local values.yaml file to override the default values
secretConfigName: "123456789123.dkr.ecr.eu-west-2.amazonaws.com"
secretConfigUsernameKey: REGISTRY_USERNAME
secretConfigPasswordKey: REGISTRY_PASSWORD
awsEcr:
  enabled: true
  1. Make use of k8s-registry-auth chart to create a secret that is going to be used from our resources
helm upgrade --install k8s-registry-auth oci://registry-1.docker.io/vaggeliskls/k8s-registry-auth -f values.yaml
  1. Deploy your resources using the previously created secret. That secret will make the image that the pod uses to be authenticated. Pod example:
apiVersion: v1
kind: Pod
metadata:
  name: my-app
spec:
  containers:
  - name: my-app
    image: 123456789123.dkr.ecr.region.amazonaws.com/image:test
  imagePullSecrets:
  - name: registry-auth-credentials

Clone this wiki locally