New to KubeDB? Please start here.

Using private Docker registry

KubeDB supports using private Docker registry. This tutorial will show you how to run KubeDB managed PgBouncer using private Docker images.

Before You Begin

At first, you need to have a Kubernetes cluster, and the kubectl command-line tool must be configured to communicate with your cluster. If you do not already have a cluster, you can create one by using kind.

To keep things isolated, this tutorial uses a separate namespace called demo throughout this tutorial.

$ kubectl create ns demo
namespace/demo created

Note: YAML files used in this tutorial are stored in docs/examples/pgbouncer folder in GitHub repository kubedb/docs.

Prepare Private Docker Registry

  • You will need a docker private registry or private repository. In this tutorial we will use private repository of docker hub.

  • You have to push the required images from KubeDB’s Docker hub account into your private registry. For pgbouncer, push SERVER_IMAGE, EXPORTER_IMAGE of following PgBouncerVersions, where deprecated is not true, to your private registry.

    $ kubectl get pgbouncerversions -o=custom-columns=NAME:.metadata.name,VERSION:.spec.version,DB_IMAGE:.spec.server.image,EXPORTER_IMAGE:.spec.exporter.image,DEPRECATED:.spec.deprecated
    NAME     VERSION   SERVER_IMAGE              EXPORTER_IMAGE                     DEPRECATED
    1.10.0   1.10.0    kubedb/pgbouncer:1.10.0   kubedb/pgbouncer_exporter:v0.1.1   false
    1.11.0   1.11.0    kubedb/pgbouncer:1.11.0   kubedb/pgbouncer_exporter:v0.1.1   false
    1.12.0   1.12.0    kubedb/pgbouncer:1.12.0   kubedb/pgbouncer_exporter:v0.1.1   false
    1.7      1.7       kubedb/pgbouncer:1.7      kubedb/pgbouncer_exporter:v0.1.1   false
    1.7.1    1.7.1     kubedb/pgbouncer:1.7.1    kubedb/pgbouncer_exporter:v0.1.1   false
    1.7.2    1.7.2     kubedb/pgbouncer:1.7.2    kubedb/pgbouncer_exporter:v0.1.1   false
    1.8.1    1.8.1     kubedb/pgbouncer:1.8.1    kubedb/pgbouncer_exporter:v0.1.1   false
    1.9.0    1.9.0     kubedb/pgbouncer:1.9.0    kubedb/pgbouncer_exporter:v0.1.1   false
    latest   latest    kubedb/pgbouncer:latest   kubedb/pgbouncer_exporter:v0.1.1   false
    

    Docker hub repositories:

  • kubedb/operator

  • kubedb/pgbouncer

  • kubedb/pgbouncer_exporter

Create ImagePullSecret

ImagePullSecrets is a type of a Kubernetes Secret whose sole purpose is to pull private images from a Docker registry. It allows you to specify the url of the docker registry, credentials for logging in and the image name of your private docker image.

Run the following command, substituting the appropriate uppercase values to create an image pull secret for your private Docker registry:

$ kubectl create secret -n demo docker-registry myregistrykey \
  --docker-server=DOCKER_REGISTRY_SERVER \
  --docker-username=DOCKER_USER \
  --docker-email=DOCKER_EMAIL \
  --docker-password=DOCKER_PASSWORD
secret/myregistrykey created

If you wish to follow other ways to pull private images see official docs of kubernetes.

Note; If you are using kubectl 1.9.0, update to 1.9.1 or later to avoid this issue.

Install KubeDB operator

When installing KubeDB operator, set the flags --docker-registry and --image-pull-secret to appropriate value. Follow the steps to install KubeDB operator properly in cluster so that to points to the DOCKER_REGISTRY you wish to pull images from.

Create PgBouncerVersion CRD

KubeDB uses images specified in PgBouncerVersion crd for pgbouncer server, and prometheus metrics exporter. You have to create a PgBouncerVersion crd specifying images from your private registry. Then, you have to point this PgBouncerVersion crd in spec.version field of Postgres object. For more details about PgBouncerVersion crd, please visit here.

Here, is an example of PgBouncerVersion crd. Replace <YOUR_PRIVATE_REGISTRY> with your private registry.

apiVersion: catalog.kubedb.com/v1alpha1
kind: PgBouncerVersion
metadata:
  name: "pvt-1.11.0"
  labels:
    app: kubedb
spec:
  deprecated: false
  version: "1.11.0"
  server:
    image: "<YOUR_PRIVATE_REGISTRY>/pgbouncer:custom-1.11.0"
  exporter:
    image: "<YOUR_PRIVATE_REGISTRY>/pgbouncer_exporter:v0.1.1"

Now, create the PgBouncerVersion crd,

$ kubectl apply -f pvt-pgbouncerversion.yaml
pgbouncerversion.kubedb.com/pvt-1.11.0 created

Deploy PgBouncer from Private Registry

While deploying PgBouncer from private repository, you have to add myregistrykey secret in PgBouncer spec.podTemplate.spec.imagePullSecrets and specify pvt-1.11.0 in spec.version field.

Below is the PgBouncer object we will create in this tutorial

apiVersion: kubedb.com/v1alpha2
kind: PgBouncer
metadata:
  name: pvt-reg-pgbouncer
  namespace: demo
spec:
  version: "pvt-1.11.0"
  databases:
  - alias: "postgres"
    databaseName: "postgres"
    databaseRef:
      name: "quick-postgres"
  connectionPool:
    maxClientConnections: 20
    reservePoolSize: 5
    adminUsers:
    - admin
  userListSecretRef:
    name: db-user-pass
  podTemplate:
    spec:
      imagePullSecrets:
      - name: myregistrykey

Now run the command to create this pgbouncer server:

$ kubectl create -f https://github.com/kubedb/docs/raw/v2020.11.12/docs/examples/pgbouncer/private-registry/pvt-reg-pgbouncer.yaml
pgbouncer.kubedb.com/pvt-reg-pgbouncer created

To check if the images pulled successfully from the repository, see if the PgBouncer is in Running state:

$ kubectl get pods -n demo --selector="kubedb.com/name=pvt-reg-pgbouncer"
NAME                 READY     STATUS    RESTARTS   AGE
pvt-reg-pgbouncer-0   1/1       Running   0          3m

Cleaning up

To cleanup the Kubernetes resources created by this tutorial, run:

kubectl delete -n demo pb/pvt-reg-pgbouncer

kubectl delete ns demo

If you would like to uninstall KubeDB operator, please follow the steps here.

Next Steps