Created
July 4, 2024 07:28
-
-
Save schakko/d53deb3e75309ea5577693a21cb3cbc3 to your computer and use it in GitHub Desktop.
Install ecr-credential-provider to make AWS ECR container registry work with Kubernetes on Rancher
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| RELEASE=v1.30.2 | |
| mkdir -p /opt/aws/{bin,config} | |
| # see https://github.com/kubernetes/cloud-provider-aws/blob/master/Makefile for official release locations | |
| curl -OL https://storage.googleapis.com/k8s-staging-provider-aws/releases/${RELEASE}/linux/amd64/ecr-credential-provider-linux-amd64 | |
| mv ecr-credential-provider-linux-amd64 /opt/aws/bin/ecr-credential-provider | |
| chmod 755 /opt/aws/bin/ecr-credential-provider | |
| cat <<EOT >> /opt/aws/config/custom-credential-providers.yaml | |
| apiVersion: kubelet.config.k8s.io/v1 | |
| kind: CredentialProviderConfig | |
| providers: | |
| - name: ecr-credential-provider | |
| matchImages: | |
| - "*.dkr.ecr.*.amazonaws.com" | |
| - "*.dkr.ecr.*.amazonaws.com.cn" | |
| apiVersion: credentialprovider.kubelet.k8s.io/v1 | |
| defaultCacheDuration: '0' | |
| EOT | |
| echo 'Go to Rancher > Cluster management > {Cluster of this node} > Edit Config > Cluster Options > Edit as YAML' | |
| echo 'Update the services.kubelet section with the following snippet:' | |
| cat << EOT | |
| kubelet: | |
| extra_binds: | |
| - '/opt/aws/bin:/opt/aws/bin:ro' | |
| - '/opt/aws/config:/opt/aws/config:ro' | |
| extra_args: | |
| - 'image-credential-provider-config': '/opt/aws/config/custom-credential-providers.yaml' | |
| - 'image-credential-provider-bin-dir': '/opt/aws/bin' | |
| EOT |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment