Hi <@USU6W5ATA> when i try to run my workflow I ge...
# ask-the-community
y
Hi @Kevin Su when i try to run my workflow I get the following error. I am using private ecr image .
Copy code
[1/1] currentAttempt done. Last Error: USER::containers with unready status: [apv828cglh4qs76ftwgf-n0-0]|Back-off pulling image "<http://x.y.z.dkr.ecr.us-west-2.amazonaws.com/flyte_test:adiwala1|x.y.z.dkr.ecr.us-west-2.amazonaws.com/flyte_test:adiwala1>"
To make sure that imagePullSecret are present in service account I ran the following commands
kubectl get pod nginx -o=jsonpath='{.spec.imagePullSecrets[0].name}{"\n"}'
The output was
reg-ecr-cred
Can you please help me out here what am I missing?
I have found the thread about same. Here.. https://github.com/flyteorg/flyte/discussions/1107#discussioncomment-842776 so following the same I have executed the following command and patch the imagepullsecret to default but still getting the same error..
Copy code
kubectl create secret docker-registry ecr-cred-ns-flyte-development \
  --docker-server=<http://x.y.z.dkr.ecr.us-west-2.amazonaws.com|x.y.z.dkr.ecr.us-west-2.amazonaws.com> \
  --docker-username=AWS \
  --docker-password=$(aws ecr get-login-password) \
  --namespace=flytesnacks-development

kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "ecr-cred-ns-flyte-development"}]}'
@anyone.. also I have executed the following command i.e
Copy code
kubectl get pod a65wjs9dpnbjszvghs8q-n0-0 -n flytesnacks-development  -o=jsonpath='{.spec.imagePullSecrets}{"\n"}'
also output is blank.. which means sa default is not attaching the imagepullsecret to newly created pods.. so what will be approach on this..
k
Copy code
kubectl create secret docker-registry ecr-cred-ns-flyte-development \
  --docker-server=<http://x.y.z.dkr.ecr.us-west-2.amazonaws.com|x.y.z.dkr.ecr.us-west-2.amazonaws.com> \
  --docker-username=AWS \
  --docker-password=$(aws ecr get-login-password) \
  --namespace=flytesnacks-development

kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "ecr-cred-ns-flyte-development"}]}'
you have to add
-n {namespace}
to the kubectl patch …
108 Views