Skip to content
  • There are no suggestions because the search field is empty.

How do I use Images stored in a Google Artifact Registry (GAR) for my Ververica platform Installation or deployments, regardless of VVP Cluster Location?

Answer

Assuming your Ververica Platform and/or Flink images are stored in Google Cloud Artifact Registry (GAR), this guide explains how to configure VVP to pull those images during platform installation and/or when running Flink deployments. These set of instructions apply regardless of where VVP is hosted (e.g. different GCP project, other cloud provider like AWS, or on-premise environment).

The overall approach is to create a set of credentials and use them in your deployment yaml.

Here are the detailed steps:

1) Create a service account in GCP and give it GAR Reader permissions

2) Generate a JSON key from that service account:

gcloud iam service-accounts keys create gar-key.json --iam-account <SERVICE-ACCOUNT-EMAIL>

3) Generate a Docker config entry from the json key file

cat gar-key.json | docker login -u _json_key --password-stdin <REGISTRY-REGION>

Note: Example registry region - https://eu.gcr.io

4) Confirm the docker config file contains the key

cat ~/.docker/config.json

You should see a similar entry:

{
"auths": {
"eu.gcr.io": {
"auth": "X2pzb25fa2V5OnsKICAidHlwZSI6ICJzZ..."
}
}
}

5) Create a Kubernetes Secret in the Deployment Target namespace -> This is where your deployment pods are created

kubectl create secret generic <SECRET-NAME> --from-file=.dockerconfigjson=$HOME/.docker/config.json --type=kubernetes.io/dockerconfigjson --namespace=<TARGET-NAMESPACE>

6) For VVP installation, reference the secret in your values file you use when installing/upgrading VVP:

rbac:
imagePullSecret: <SECRET-NAME>

7) For Flink Deployment creation, reference the secret in your Ververica deployment yaml:

spec:
template:
spec:
kubernetes:
pods:
imagePullSecrets:
- name: <SECRET-NAME>
kind: Deployment
spec:
template:
spec:
kubernetes:
jobManagerPodTemplate:
spec:
imagePullSecrets:
- name: <SECRET-NAME>
taskManagerPodTemplate:
spec:
imagePullSecrets:
- name: <SECRET-NAME>