where to set imagePullSecret for vcluster images

loft-sh / vcluster

vCluster - Create fully functional virtual Kubernetes clusters - Each vcluster runs inside a namespace of the underlying k8s cluster. It's cheaper than creating separate full-blown clusters and it offers better multi-tenancy and isolation than regular namespaces.

https://www.vcluster.com

Apache License 2.0

6.26k stars 398 forks source link

where to set imagePullSecret for vcluster images #333

Closed Wompipomp closed 2 years ago

Wompipomp commented 2 years ago

Hello,

this is more a question: Is there any possibility to use an imagePullSecret for the vcluster images e.g., when pulling the images from a private registry for air-gapped clusters or pulling from docker with an account due to the docker restrictions. I have seen the possibility to set a defaultImageRegistry but haven't found any option to set an imagePullSecret.

Thank you very much Mark

matskiv commented 2 years ago

Hello @Wompipomp

You can set the pull secret for vcluster ServiceAccount and it will be used to pull all images used in the vcluster StatefulSet. You do this via values.yaml file that you pass to vcluster create -f values.yaml or helm upgrade --values values.yaml:

serviceAccount:
  imagePullSecrets:
    - name: secret-name-here

This works for the default k3s flavor, and k0s, but not k8s. And it doesn't cover the CoreDNS pod.

Wompipomp commented 2 years ago

Hello @matskiv

thank you so much, it worked :pray: I searched a while but I haven't found any hint for this possibility. :+1: