How to deploy an image from Scaleway Container Registry to Kubernetes Kapsule
A container image consists of several bundled files, which encapsulate an application. This image can be built on a local machine, uploaded to the image registry, and then deployed on various Kubernetes pods with Kapsule. Kapsule is the managed Kubernetes service provided by Scaleway. In this tutorial we use Docker to build the containers.
The generated Docker images are stored in a private Docker registry using the Scaleway Container Registry product.
You may need certain IAM permissions to carry out some actions described on this page. This means:
- You have an account and are logged into the Scaleway console
- You have created a Kubernetes Kapsule cluster and downloaded and configured the corresponding
- You have installed Docker and kubectl on your local computer.
- You have created an API key
To complete the following steps, it is required that you have a local project with a
Dockerfile to build a container image from it. If you do not have a Docker project yet, you may follow our tutorial to create the required files.
- Open a terminal window on your local computer.
- Check that all required files are available to build the container image by running the
ls -lcommand in the directory of your project:ls -ltotal 32-rw-r--r-- 1 myuser staff 903 Oct 14 12:19 Dockerfile-rw-r--r-- 1 myuser staff 1080 Oct 14 12:19 LICENSE-rw-r--r-- 1 myuser staff 476 Oct 14 12:19 Makefile-rw-r--r-- 1 myuser staff 1721 Oct 14 12:19 README.mddrwxr-xr-x 3 myuser staff 96 Oct 14 12:19 patches
- Use the following commands to build the Docker container image locally before pushing it to your private Container Registry. The parameter
-tconfigures the tags of the container:docker build -t mycontainer:latest .Sending build context to Docker daemon 197.6kB.........---> c427b132b5fcSuccessfully built c427b132b5fcSuccessfully tagged mycontainer:latest
- Check that the image has been added to the local Docker installation by running the
docker imagescommand. Your newly created container image will be displayed in the list of available images:docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEmycontainer latest c427b132b5fc 22 minutes ago 1.24GB
- Log into your Container Registry. The endpoint (for example:
rg.fr-par.scw.cloud/myregistry) of your Container Registry is available from the Scaleway console and depends on your configuration:Adocker login rg.fr-par.scw.cloud/myregistry -u nologin -p $SCW_SECRET_KEY
Login Succeededmessage displays once logged in.
- Tag the image using the
docker tagcommand. Make sure to replace the URL of the registry with your personal endpoint:docker tag mycontainer:latest rg.fr-par.scw.cloud/myregistry/mycontainer:latest
- Push the image to the registry using the
docker pushcommand:docker push rg.fr-par.scw.cloud/myregistry/mycontainer:latest......a26724645421: Pusheda30b835850bf: Pushedlatest: digest: sha256:690d70e8f26cb772916c64244c86701c50f2764e42c668d4d0aaf039a9d62b47 size: 4067
To deploy the previously created container image in a Kapsule cluster, you need to create an Image Pull Secret. This allows your Kapsule cluster to connect to your Container Registry and pull the image itself. For this, your API secret key is required.
kubectlto define a secret called
$SCW_SECRET_KEYvariable as follows:kubectl create secret docker-registry registry-secret --docker-server=rg.fr-par.scw.cloud --docker-username=my-registry-namespace --docker-password=$SCW_SECRET_KEYImportant:
Replace the value for
docker-serverwith the address of your Container Registry (e.g. if it is in the Amsterdam or Warsaw regions), and the value for
docker-usernamewith the name of your Container Registry namespace.
- Display the generated secret with the
kubectl get secretcommand. The flag
--output=yamlwill return the output formatted in YAML:kubectl get secret registry-secret --output=yamlapiVersion: v1data:.dockerconfigjson: eyJhdXRocyI6eyJyZy5mci1wYXIuc2N3LmNsb3VkIjp7InVzZXJuYW1lIjoibXl1c2VyIiwicGFzc3dvcmQiOiJkYTI0N2E0Yi1hZDk4LTQ2NGYtOTdhYy1hOGIwNTZmYjU2NWYiLCJlbWFpbCI6Im15QGVtYWlsLmNvbSIsImF1dGgiOiJiWGwxYzJWeU9tUmhNalEzWVRSaUxXRmtPVGd0TkRZMFppMDVOMkZqTFdFNFlqQTFObVppTlRZMVpnPT0ifX19kind: Secretmetadata:creationTimestamp: 2019-10-14T12:23:32Zname: registry-secretnamespace: defaultresourceVersion: "2977046288"selfLink: /api/v1/namespaces/default/secrets/registry-secretuid: 85a69713-f239-43f3-8f00-36603c794557type: kubernetes.io/dockerconfigjson
Create a file
deployment.yamland open it in a text editor, e.g.
Copy the following content into it, save the file and quit the text editor.
Remember to replace the image name
rg.fr-par.scw.cloud/myregistry/mycontainer:latestand registry secret
registry-secretwith the values you previously defined.apiVersion: apps/v1kind: Deploymentmetadata:name: mydeploymentlabels:app: mydeploymentspec:replicas: 2selector:matchLabels:app: mydeploymenttemplate:metadata:labels:app: mydeploymentspec:containers:- name: mycontainerimage: rg.fr-par.scw.cloud/myregistry/mycontainer:latestimagePullSecrets:- name: registry-secretNote:
In the configuration above, the secret and deployments are in the same namespace.
kubectl applyto apply the deployment to the cluster:kubectl apply -f deployment.yaml
kubectl get podscommand to check the status of the deployment:kubectl get podsNAME READY STATUS RESTARTS AGEmydeployment-64c9fdd66c-66mrq 1/1 Running 0 2mmydeployment-64c9fdd66c-pwhl9 1/1 running 0 2m
As you can see in the output above, the image has been pulled successfully from the registry and two replicas of it are running on the Kapsule cluster.
For more information how to use your Container Registry with Kubernetes, refer to the official documentation.