Using private images
Now that you know how to use datasets, you may want to use a private Docker image from a registry of your choice. For example, there are registries like Docker store and quay.io.
Run it on Nerdalize
To allow your private image to start on the Nerdalize cluster, you need to create what we call a ‘secret’. A secret can be one of two types: ‘opaque’ or ‘registry’. For now, we’ll focus on the registry secret type. This informs the Nerdalize cluster from which registry it should pull the private image and what credentials it should use.
For this example, we’ll use the quay.io registry. Keep in mind that the name of the secret needs to be a real registry name.
Create a secret.
$ nerd secret create quay.io --username=<quay-username> --password=<quay-password> --type=registry New Secret: Name: quay.io Type: kubernetes.io/dockerconfigjson
Let’s unpack this:
nerd secret createtells the CLI to create a secret in the cluster.
quay.iospecifies from which registry your private image should be pulled.
--username=<quay-username> --password=<quay-password>collects the credentials to be able to have access to your image.
--type=registryis an important parameter as it specifies which kind of secret should be created.
If you want to create a secret for Docker Hub use
$ nerd secret create index.docker.io --username=<dockerhub-username> --password=<dockerhub-password> --type=registry
List your secrets.
$ nerd secret list SECRET NAME TYPE quay.io kubernetes.io/dockerconfigjson
Start your workload.
$ nerd workload start <your_image> \ --input-dataset <dataset id> --instances=5 Workload created with ID: caa9ffb86d65b70f8903
Create your tasks, etc.
Creating tasks, downloading output, etc. are exactly same as running a workload with a public image.
If needed, delete your secret.
$ nerd secret delete quay.io Secret successfully deleted
You’re now all set to use your private images. The Nerdalize cloud knows how to use secrets on its own, so it doesn’t matter if you’re using a public or a private image. You can always use the same commands.