Integrating Google Container Registry with GKE

Dissecting how to securely store your images and configure access from your cluster

Image for post
Image for post
Photo by CHUTTERSNAP on Unsplash

Setting up a container registry access

Image for post
Image for post

Generate a service key

Image for post
Image for post
resource.type == "storage.googleapis.com/Bucket" &&
resource.name.startsWith("projects/_/buckets/<docker-images-bucket-name")
Image for post
Image for post

Storing the key in the cluster

Image for post
Image for post
With the kubectl get secrets command you can see it was correctly created.

Configuring the default ServiceAccount

Image for post
Image for post
kubectl describe serviceaccount default will print

Configuring the Pod spec

Going the extra mile

Bonus track

Technology enthusiast. Less is more.

Get the Medium app