New to KubeDB? Please start here.
Using private Docker registry
KubeDB operator supports using private Docker registry. This tutorial will show you how to use KubeDB to run Redis server using private Docker images.
Before You Begin
-
Read concept of Redis Version Catalog to learn detail concepts of RedisVersion object.
-
You need to have a Kubernetes cluster, and the kubectl command-line tool must be configured to communicate with your cluster. If you do not already have a cluster, you can create one by using kind.
-
To keep things isolated, this tutorial uses a separate namespace called demo throughout this tutorial. Run the following command to prepare your cluster for this tutorial:
$ kubectl create ns demo
namespace/demo created
-
You will also need a docker private registry or private repository. In this tutorial we will use private repository of docker hub.
-
You have to push the required images from KubeDB’s Docker hub account into your private registry. For redis, push DB_IMAGE, TOOLS_IMAGE, EXPORTER_IMAGE of following RedisVersions, where deprecated is not true, to your private registry.
$ kubectl get redisversions -n kube-system -o=custom-columns=NAME:.metadata.name,VERSION:.spec.version,INITCONTAINER_IMAGE:.spec.initContainer.image,DB_IMAGE:.spec.db.image,EXPORTER_IMAGE:.spec.exporter.image
NAME VERSION INITCONTAINER_IMAGE DB_IMAGE EXPORTER_IMAGE
4.0.11 4.0.11 kubedb/redis-init:0.7.0 kubedb/redis:4.0.11 kubedb/redis_exporter:v0.21.1
4.0.6-v2 4.0.6 kubedb/redis-init:0.7.0 kubedb/redis:4.0.6-v2 kubedb/redis_exporter:v0.21.1
5.0.14 5.0.14 kubedb/redis-init:0.7.0 redis:5.0.14 kubedb/redis_exporter:1.9.0
5.0.3-v1 5.0.3 kubedb/redis-init:0.7.0 kubedb/redis:5.0.3-v1 kubedb/redis_exporter:v0.21.1
6.0.6 6.0.6 kubedb/redis-init:0.7.0 kubedb/redis:6.0.6 kubedb/redis_exporter:1.9.0
6.2.5 6.2.5 kubedb/redis-init:0.7.0 redis:6.2.5 kubedb/redis_exporter:1.9.0
6.2.7 6.2.7 kubedb/redis-init:0.7.0 redis:6.2.7 kubedb/redis_exporter:1.9.0
6.2.8 6.2.8 kubedb/redis-init:0.7.0 redis:6.2.8 kubedb/redis_exporter:1.9.0
7.0.4 7.0.4 kubedb/redis-init:0.7.0 redis:7.0.4 kubedb/redis_exporter:1.9.0
7.0.5 7.0.5 kubedb/redis-init:0.7.0 redis:7.0.5 kubedb/redis_exporter:1.9.0
7.0.6 7.0.6 kubedb/redis-init:0.7.0 redis:7.0.6 kubedb/redis_exporter:1.9.0
Docker hub repositories:
Create ImagePullSecret
ImagePullSecrets is a type of Kubernetes Secret whose sole purpose is to pull private images from a Docker registry. It allows you to specify the url of the docker registry, credentials for logging in and the image name of your private docker image.
Run the following command, substituting the appropriate uppercase values to create an image pull secret for your private Docker registry:
$ kubectl create secret docker-registry -n demo myregistrykey \
--docker-server=DOCKER_REGISTRY_SERVER \
--docker-username=DOCKER_USER \
--docker-email=DOCKER_EMAIL \
--docker-password=DOCKER_PASSWORD
secret/myregistrykey created
If you wish to follow other ways to pull private images see official docs of Kubernetes.
NB: If you are using kubectl 1.9.0, update to 1.9.1 or later to avoid this issue.
Install KubeDB operator
When installing KubeDB operator, set the flags --docker-registry and --image-pull-secret to appropriate value. Follow the steps to install KubeDB operator properly in cluster so that to points to the DOCKER_REGISTRY you wish to pull images from.
Deploy Redis server from Private Registry
While deploying Redis from private repository, you have to add myregistrykey secret in Redis spec.imagePullSecrets.
Below is the Redis CRD object we will create.
apiVersion: kubedb.com/v1alpha2
kind: Redis
metadata:
name: redis-pvt-reg
namespace: demo
spec:
version: 6.2.5
storage:
storageClassName: "standard"
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
podTemplate:
spec:
imagePullSecrets:
- name: myregistrykey
Now run the command to deploy this Redis object:
$ kubectl create -f https://github.com/kubedb/docs/raw/v2023.10.9/docs/examples/redis/private-registry/demo-2.yaml
redis.kubedb.com/redis-pvt-reg created
To check if the images pulled successfully from the repository, see if the Redis is in running state:
$ kubectl get pods -n demo -w
NAME READY STATUS RESTARTS AGE
redis-pvt-reg-0 0/1 Pending 0 0s
redis-pvt-reg-0 0/1 Pending 0 0s
redis-pvt-reg-0 0/1 ContainerCreating 0 0s
redis-pvt-reg-0 1/1 Running 0 2m
$ kubectl get rd -n demo
NAME VERSION STATUS AGE
redis-pvt-reg 6.2.5 Running 40s
Cleaning up
To clean up the Kubernetes resources created by this tutorial, run:
kubectl patch -n demo rd/redis-pvt-reg -p '{"spec":{"terminationPolicy":"WipeOut"}}' --type="merge"
kubectl delete -n demo rd/redis-pvt-reg
kubectl patch -n demo drmn/redis-pvt-reg -p '{"spec":{"wipeOut":true}}' --type="merge"
kubectl delete -n demo drmn/redis-pvt-reg
kubectl delete ns demo
$ kubectl patch -n demo rd/redis-pvt-reg -p '{"spec":{"terminationPolicy":"WipeOut"}}' --type="merge"
redis.kubedb.com/redis-pvt-reg patched
$ kubectl delete -n demo rd/redis-pvt-reg
redis.kubedb.com "redis-pvt-reg" deleted
$ kubectl delete -n demo secret myregistrykey
secret "myregistrykey" deleted
$ kubectl delete ns demo
namespace "demo" deleted
Next Steps
