Private Docker Image from DockerHub in Rasa-X k3s quick install

I have a private docker image on Dockerhub which I can docker pull after using docker login but if I use the Rasa-X quick install with the k3s when I call

sudo kubectl get pods --namespace=rasa

I get a ErrImagePull on the rasa-app and if I query with

sudo kubectl describe pod rasa-app-86694b5bff-r7jqm --namespace=rasa

then I get the following error

Failed to pull image “xxx/yyy:v1”: rpc error: code = Unknown desc = failed to pull and unpack image “docker.io/xxx/yyy:v1”: failed to resolve reference “docker.io/xxx/yyy:v1”: pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed

I guess although sudo is logged into docker something is stoping this so:

  1. Is it possible to pull a private image from docker using the quick install for rasa x
  2. If not I have the action server set up on another docker machine and exposed so would it be possible to use that as the actions server, I can do it locally on my laptop but guess it’s probably not possible using the quick install either.

Thanks

Hi Brian,

I tested the following solution:

It seems the method to pull an image from a private repository only requires changes in the values.yml file:

images:
  # imagePullSecrets which are required to pull images for private registries
  imagePullSecrets:
  - name: <name of your pull secret>

This documentation from Kubernetes describes the process for creating a secret for accessing a private Docker repository:

The relevant information is copied below:

kubectl create secret docker-registry secret-tiger-docker \
  --docker-username=tiger \
  --docker-password=pass113 \
  --docker-email=tiger@acme.com

As a best practice, I’d suggest generating an access token through the Docker repository to use in place of the password. The access token is a drop-in replacement for the password, so you can use it exactly as shown above. To set this, you’ll need to go into your Account Settings on Docker Hub and you’ll find the Access Token creation option under Security.

You may also find the recently added GitHub Action from Rasa useful for CI/CD of the action server:

1 Like

Thanks, we moved to just using Docker as it’s faster for us to provision but hopefully one day I’ll get time to revisit and try again.