ErrImagePull and ImagePullBackOff

ImagePullBackOff occurs when a container fails to pull an image from the registry after multiple attempts. The status starts as ErrImagePull and, after repeated retries, eventually changes to ImagePullBackOff.

Use case-1: Run a pod with an nginx container using the image nginx:1.27.2

Here, the image version is wrong, so the image doesn’t exist on Docker Hub. The nginx container failed to launch with this image, entered ErrImagePull, and then transitioned to ImagePullBackOff.

Now, after adjusting the image version to nginx:1.27.2, the nginx pod is up and running as expected.

Use case-2: When we want to launch a container using an image from our private Docker repository

  • Create a pod with a custom image named vivekmanne/demo-app:v1, which exists in my private repository on Docker Hub. The container fails to pull the image: pull access is denied because of an authorization failure.

  • Now, create a Kubernetes secret of type docker-registry and store the registry credentials in it.

Reference this secret in the pod YAML using the imagePullSecrets attribute so that the pod uses it when pulling the image from the private repository.

apiVersion: v1
kind: Pod
metadata:
  name: my-app
spec:
  containers:
  - image: vivekmanne/demo-app:v1
    name: my-app
  dnsPolicy: ClusterFirst
  restartPolicy: Always
  imagePullSecrets:
    - name: my-secret

Now, the kubelet successfully pulled the image from our private repo using the provided Kubernetes secret.

NOTE: Having credentials in the pod allows it to authenticate with the private repository, but the image must still exist in the repository, and the image name or version specified must be accurate and error-free.
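
What the docker-registry secret referenced by imagePullSecrets above contains, as an added example that is not part of the original post: the script builds the Secret manifest offline and decodes it again, showing that the stored credentials are only base64-encoded, not encrypted. The registry URL https://index.docker.io/v1/ and the token value are assumptions; my-secret is the name used in the pod YAML.

```shell
#!/bin/sh
# Added example (not from the original post). Builds offline the same kind of
# object that `kubectl create secret docker-registry my-secret
# --docker-username=... --docker-password=...` creates.

b64() { base64 | tr -d '\n'; }   # GNU base64 wraps long lines; strip the newlines

# Escape backslashes and double quotes so a credential cannot break the JSON.
json_escape() { printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'; }

# dockerconfigjson SERVER USER PASSWORD -> registry auth document (JSON)
dockerconfigjson() {
  local auth
  auth=$(printf '%s:%s' "$2" "$3" | b64)   # "auth" is base64(user:password)
  printf '{"auths":{"%s":{"username":"%s","password":"%s","auth":"%s"}}}' \
    "$(json_escape "$1")" "$(json_escape "$2")" "$(json_escape "$3")" "$auth"
}

# pull_secret_manifest NAME SERVER USER PASSWORD -> Secret manifest (YAML)
pull_secret_manifest() {
  cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: $1
type: kubernetes.io/dockerconfigjson
data:
  .dockerconfigjson: $(dockerconfigjson "$2" "$3" "$4" | b64)
EOF
}

# Reads a manifest on stdin and recovers the plaintext credentials from it.
decode_pull_secret() {
  sed -n 's/^  \.dockerconfigjson: //p' | base64 -d
}

# Constructed credential, for illustration only (assumed registry URL).
pull_secret_manifest my-secret https://index.docker.io/v1/ vivekmanne 'constructed-token' \
  | decode_pull_secret
echo
```

Because anyone who can read Secrets in the namespace can recover these credentials this way, a scoped registry access token is a safer value to store than the account password.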