By default, the KubernetesPodOperator expects to pull container images that are hosted publicly. If your images are hosted on the container registry native to your cloud provider, you can grant access to the images directly. Otherwise, if you are using any other private registry, you need to create a Kubernetes Secret containing credentials to the registry, then specify the Kubernetes Secret in your dag.Documentation Index
Fetch the complete documentation index at: https://astronomer-preview.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
Prerequisites
- An Astro project.
- An Astro Deployment.
- Access to a private Docker registry.
Setup
To run Docker images from a private registry on Astro, a Kubernetes Secret that contains credentials to your registry must be created. Injecting this secret into your Deployment’s namespace will give your tasks access to Docker images within your private registry.
By default, the KubernetesPodOperator looks for publicly hosted images. However, you can pull images from a private registry.
config.json file that contains your Docker credentials by following the Docker documentation. The generated file looks similar to the following:
models from kubernetes.client and configuring image_pull_secrets in your KubernetesPodOperator instantiation:
from kubernetes.client import models as k8s
KubernetesPodOperator(
namespace=namespace,
image_pull_secrets=[k8s.V1LocalObjectReference("<your-secret-name>")],
image="<your-docker-image>",
cmds=["<commands-for-image>"],
arguments=["<arguments-for-image>"],
labels={"<pod-label>": "<label-name>"},
name="<pod-name>",
task_id="<task-name>",
get_logs=True,
in_cluster=True,
)