Private Docker Registry Secret
You can avoid potential docker throttling when Kubernetes anonymously pulls images by configuring a secret containing a docker login. This same mechanism can be used to gain access to non-public docker registries provided that the docker login used has access to those registries.
Before You Start #
- Ensure you have completed Developer System Setup.
- You have the
kubectlcommand-line tool installed and configured to use your Kubernetes cluster.
How to Create a Docker Access Secret #
-
Create a secret named
regcred:kubectl create secret docker-registry regcred --docker-username=USER --docker-password=PASS
Tip
You must set up the secret for all namespaces which you may reference in a deployment. You can control the list of namespaces available for deployment using the Helm chart
namespaces.excludelist. To create the secret for multiple namespaces at once, you can use a loop in a shell script:for NAMESPACE in namespace1 namespace2 namespace3; do kubectl create secret docker-registry regcred \ --docker-username=USER \ --docker-password=PASS \ -n $NAMESPACE doneReplace
namespace1,namespace2,namespace3with your target namespaces, andUSERandPASSwith your Docker credentials.
MacOs
--from-filedoes not work for MacOS -
Configure Kubernetes to use this regcred secret by default on all docker image accesses for HPE Machine Learning Inferencing Software-deployed services:
kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "regcred"}]}'