• Cloud Container Engine

cce
  1. Help Center
  2. Cloud Container Engine
  3. User Guide 2.0
  4. Application Management
  5. Using a Third-party Image to Create an Application

Using a Third-party Image to Create an Application

CCE allows you to pull images from a third-party image repository to create applications.

Generally, you are required to pass authentication using your account and password before accessing a third-party image repository. The secret authentication mode is used for pulling images from a CCE container. Therefore, you must create a secret for accessing the image repository before pulling images.

Prerequisites

When you create an application using a third-party image, ensure that the node where the application is running can access public networks.

Creating an Application on the GUI

  1. Create a secret for accessing a third-party image repository.

    In the navigation pane, choose Configuration Center > Secrets. Click Create Secret, and set Type to kubernetes.io/dockerconfigjson. For more information, see Creating a Secret. In Secret Data, set Username and Password to those used to log in to the third-party image repository.

  2. Create an application. For more information, see Creating a Stateless Application or Creating a Stateful Application. If you use a third-party image to create an application, set the parameters as follows:

    • Set Authenticate Secret to Yes.
    • Select the secret created in 1.
    • Enter the image address.

  3. Click OK.

Creating an Application using kubectl

  1. Configure kubectl. For details, see Connecting to a Kubernetes Cluster Using kubectl.
  2. Log in to the ECS server where kubectl is configured.
  3. Create a secret of the dockerconfigjson type using kubectl.

    kubectl create secret docker-registry myregistrykey --docker-server=DOCKER_REGISTRY_SERVER --docker-username=DOCKER_USER --docker-password=DOCKER_PASSWORD --docker-email=DOCKER_EMAIL
    In the preceding commands, myregistrykey indicates the secret name, and other parameters are described as follows:
    • DOCKER_REGISTRY_SERVER: address of a third-party image repository, for example, www.3rdregistry.com or 10.10.10.10:443
    • DOCKER_USER: account used for logging in to a third-party image repository
    • DOCKER_PASSWORD: password used for logging in to a third-party image repository
    • DOCKER_EMAIL: email of a third-party image repository

  4. Use a third-party image to create an application.

    The secret of the dockerconfigjson type is used for authentication when you obtain a private image. The following is an example of using the myregistrykey for authentication.
    apiVersion: v1
    kind: Pod
    metadata:
      name: foo
      namespace: default
    spec:
      containers:
        - name: foo
          image: www.3rdregistry.com/janedoe/awesomeapp:v1
      imagePullSecrets:
        - name: myregistrykey              #Use the secret created in step 3.