This article explains how to specify image pull secret for runtime images.
Deepfactor runtime runs as an init container in the application pod. No changes are required if the application pod already has an image pull secret that can pull Deepfactor runtime images.
In the following example, if regcred image pull secret has the permission to pull Deepfactor runtime image then it will be working fine.
spec:
template:
spec:
imagePullSecrets:
- name: regcred
If manifest does not have an image pull secret that can pull runtime images then you need to mention the image pull secret name in the override.yaml file of webhook deployment as shown below:
runtime: imagePullSecrets: - name: regcred
or
imagePullSecrets: - name: regcred
Make sure that this image pull secret is present in the namespace where the application is running.
You can create the image pull secret using the below command:
kubectl create secret generic regcred --from-file=.dockerconfigjson=$(ls ~/.docker/config.json) --type=kubernetes.io/dockerconfigjson --namespace=<ns>
If you want to create an image pull secret for multiple namespaces then use the below command:
for ns in "test-1" "test-2" "test-3"; do kubectl create secret generic regcred --from-file=.dockerconfigjson=$(ls ~/.docker/config.json) --type=kubernetes.io/dockerconfigjson --namespace=$ns done