In this tutorial, you will learn to deploy the image in the K8s cluster.
This is a two step process:
- Create a secret that holds the Harbor registry user ID and password.
- Apply a deployment to the cluster. Refer to the secret and the image name from
the deployment YAML.
Part 1 – Create the Secret
There are several different ways to create a secret that holds the Harbor user ID and
password. We will use the Docker’s config.json approach.
1. Log into the registry if you haven’t already done so:
docker login -u projectadmin core.harbor.domain
[Enter Project1Admin as the password]
Once you successfully login using the “docker login” command, your user ID and
password are stored in the .docker/config.json file. We can create a secret straight out of
2. Review the config.json file by running this command:
3. Run this command to create the secret. It must be run from your home directory:
kubectl create secret generic harbor-login-secret \
You should see:
Now K8s can start to pull images from Harbor. It will use the credentials stored in the secret to authenticate. If the user ID and password changes in the future then you will need to recreate this secret.
4. Run this command to verify that the secret was created:
kubectl get secret harbor-login-secret -o yaml
The entire contents of the config.json file is base 64 encoded and stored in the
You should see:
Part 2 – Prepare the Deployment YAML
To save time, a starter YAML file is given to you. You will make a few changes and then apply it to the cluster.
- Open a web browser and enter this URL:
- Make sure the file was downloaded inside your VM.
- Extract the zip.
- Create ~/LabFiles.
- Copy the deployment.yaml that was just extracted to ~/LabFiles replacing the
existing deployment.yaml file.
- Open ~/LabFiles/deployment.yaml in an editor.
- Make sure you have the following content:
We will now enter the image name and secret name in the placeholders shown below.
- In the container definition, replace <IMAGE NAME> with:
- In the imagePullSecret node, replace <SECRET NAME> with:
This is the secret we have created previously.
Verify your file looks like this:
9. Save and close the file.
Part 3 – Deploy the Application
1. Run this command to apply the YAML file:
kubectl apply -f ~/LabFiles/deployment.yaml
2. Run this command to check the status of our application’s pod:
kubectl get pods
You should see, you may to wait a minute and run the command again until shows READ as 1/1:
Part 4 – Test the Application
1. Run this command to get the URL for the application:
minikube service gitops-demo –url
2. Run the /hello endpoint using curl [Your IP address may be different]:
Make sure that you see this response.
Part 5 – Review
In this tutorial, we deployed an application to K8s that has its Docker image stored in a
Harbor registry. We had to create a secret that holds the Harbor user ID and password. We
had to refer to this secret and the image name from the deployment YAML file.