To get running on minikube first download the latest binary and put into your
curl -Lo minikube https://storage.googleapis.com/minikube/releases/v0.10.0/minikube-linux-amd64 && chmod +x minikube && sudo mv minikube /usr/local/bin/
Next spin up a new cluster:
minikube start --cpus=4 --memory=8096 --vm-driver=virtualbox --disk-size=40g
Pulling public images on a Kubernetes cluster is super easy, it just works! However, if you are pulling from a private repo, there may be some extra work to do. Depending on how you want to attack the problem outlines what might need to be done. You can find docs here on how to do other repos: http://kubernetes.io/docs/user-guide/images
For the rest of this article, I'm going to focus on AWS ECR as the registry to connect to. If there's interest, I can add more, however, I want to address ECR right now.
Running in AWS
If your cluster is running in AWS and you have the correct
CloudProvider set, then there's nothing else to do, ECR is supported out of the box.
Running in Minikube
Since Minikube doesn't run inside AWS (but on your local machine), we can't leverage the built-in cloud provider to help out. Before the cloud provider supported ECR natively, it was difficult to use ECR as a container registry so I wrote a tool which automates the process.
You can find the github repo here which does all the work: https://github.com/upmc-enterprises/awsecr-creds
How this tool works is it leverages
ImagePullSecrets on the pod by first authenticating and getting credentials to pull images from ECR. Then it creates an ImagePullSecret so that when a pod gets created, those credentials are automatically placed into the pod.
12 Hour Max
The only 'gotcha' of how ECR works is that credentials are only good for 12 hours, so ever 11 hours and 55 minutes, the credentials are refreshed.
So how do you get running with
awsecr-credson your Minikube cluster?
Simply edit the sample controller with credentials and account id's matching your AWS environment and deploy!
kubectl create -f k8s/replicationController.yml
Why pull from ECR?
I utilize AWS for many cloud resources today and letting AWS manage that resource is great. At the same time it's a good way to validate things since I can now tap into my CI system which is generating images for me. Now I can pull images and quickly test out components of my app without having to rebuild them all locally!