0

I am trying to configure azure kubernetes cluster and created one on the portal.dockerized .net core webapi project and also published the image to azure container register. After applying manifest file , i get the message of service created and also the external IP. however when I do get pods I get status "Pending" all the time

 NAME READY STATUS RESTARTS AGE kubdemo1api-6c67bf759f-6slh2 0/1 Pending 0 6h

here is my yaml manifest file, can someone suggest what is wrong here?

apiVersion: extensions/v1beta1 kind: Deployment metadata: name: kubdemo1api labels: name: kubdemo1api spec: replicas: 1 strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 1 type: RollingUpdate minReadySeconds: 30 selector: matchLabels: app: kubdemo1api template: metadata: labels: app: kubdemo1api version: "1.0" tier: backend spec: containers: - name: kubdemo1api livenessProbe: httpGet: path: / port: 80 initialDelaySeconds: 30 timeoutSeconds: 10 readinessProbe: httpGet: path: / port: 80 initialDelaySeconds: 30 timeoutSeconds: 10 image: my container registry image address resources: requests: cpu: 100m memory: 100Mi ports: - containerPort: 80 livenessProbe: httpGet: path: / port: 80 initialDelaySeconds: 30 timeoutSeconds: 10 readinessProbe: httpGet: path: / port: 80 initialDelaySeconds: 30 timeoutSeconds: 10 --- apiVersion: v1 kind: Service metadata: name: azkubdemoapi1 spec: ports: - port: 80 selector: app: kubdemo1api type: LoadBalancer

EDIT: Output kubectl describe pods is this

here is it 

Normal Scheduled 2m default-scheduler Successfully assigned default/kubdemo1api-697d5655c-64fnj to aks-agentpool-87689508-0 Normal Pulling 37s (x4 over 2m) kubelet, aks-agentpool-87689508-0 pulling image "myacrurl/azkubdemo:v2" Warning Failed 37s (x4 over 2m) kubelet, aks-agentpool-87689508-0 Failed to pull image "my acr url": [rpc error: code = Unknown desc = Error response from daemon: Get https://myacrurl/v2/azkubdemo/manifests/v2: unauthorized: authentication required, rpc error: code = Unknown desc = Error response from daemon: Get https://myacrurl/v2/azkubdemo/manifests/v2: unauthorized: authentication required] Warning Failed 37s (x4 over 2m) kubelet, aks-agentpool-87689508-0 Error: ErrImagePull Normal BackOff 23s (x6 over 2m) kubelet, aks-agentpool-87689508-0 Back-off pulling image "myacrlurl/azkubdemo:v2" Warning Failed 11s (x7 over 2m) kubelet, aks-agentpool-87689508-0 Error: ImagePullBackOff
Improve this question
5
  • can you share output of kubectl describe pod kubdemo1api-6c67bf759f-6slh2 Commented Apr 7, 2019 at 15:11
  • added in the question Commented Apr 8, 2019 at 6:15
  • 1
    The error shows you need to authenticate to your registry to pull the image. You can use the imagePullSecrets to authenticate to your registry. See the example of ACR. Commented Apr 8, 2019 at 8:03
  • Any more questions? Or if the advice works for you, I would add an answer to others who meet the same issue. Please let me know the result. Commented Apr 9, 2019 at 8:49
  • authenticating using imagePullSecrets did the job for me. before that however, i had to create secret in the cluster that is available to nodes to consume. Commented Apr 9, 2019 at 16:33

2 Answers 2

Reset to default
2

For the error that you provide, it shows you have to authenticate to pull the image from the Azure Container Registry.

Actually, you just need permission to pull the image and the acrpull role is totally enough. There are two ways to achieve it.

One is that just grant the AKS access to the Azure Container Registry. It's simplest on my side. Just need to create the role assignment for the service principal which the AKS used. See Grant AKS access to ACR for the whole steps.

The other one is that use the Kubernetes secret. It's a little more complex than the first one. You need to create a new service principal differ from the one AKS used and grant access to it, then create the kubernetes secret with the service principal. See Access with Kubernetes secret for the whole steps.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

This Yaml is Wrong Can you provide the correct yaml, the intending are wrong. Try Below YAML

apiVersion: extensions/v1beta1 kind: Deployment metadata: name: kubdemo1api labels: name: kubdemo1api spec: replicas: 1 strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 1 type: RollingUpdate minReadySeconds: 30 selector: matchLabels: app: kubdemo1api template: metadata: labels: app: kubdemo1api version: "1.0" tier: backend spec: containers: - name: kubdemo1api image: nginx resources: requests: cpu: 100m memory: 100Mi ports: - containerPort: 80 livenessProbe: httpGet: path: / port: 80 readinessProbe: httpGet: path: / port: 80 initialDelaySeconds: 30 timeoutSeconds: 10 --- apiVersion: v1 kind: Service metadata: name: azkubdemoapi1 spec: ports: - port: 80 selector: app: kubdemo1api type: LoadBalancer
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.