Pulling ECR images into AKS

Hi everyone,

Recently I found myself using Azure managed Kubernetes (AKS), however the images I wanted to pull were in AWS ECR. If my k8s cluster was in AWS it would be transparent to me provided the IAM user had permission but, in order to pull such an image from Azure; one can create a secret and to pull the image, sadly (or maybe thankfully) this secret expires after 12 hours so we need to keep refreshing.

Below I present an approach which could be used, it creates a service account (note I apply the permissions to the default account also as some of my deployments dont reference this service account yet) for pulling the image with RBAC, permissions, there is a kubernetes job that will execute immediately and a cronjob that will execute every 8 hours thereafter

Just use this secret in your deployments

spec:
      imagePullSecrets:
      - name: dg-ecr-pull


Hope this is of benefit to others! remember to update those <TODO> sections!

Recent Tweets

Note: For Customization and Configuration, CheckOut Recent Tweets Documentation

Calendar

<<  November 2018  >>
MoTuWeThFrSaSu
2930311234
567891011
12131415161718
19202122232425
262728293012
3456789

View posts in large calendar

Month List