AKS unable to pull ACR image ImagePullBackOff


I use Azure Kubernetes Service to deploy Docker images from Azure Container Registry. After deployment I got:

Failed to pull image "<reg_name>.azurecr.io/service:latest": [rpc error: code = NotFound desc = failed to pull and unpack image "<reg_name>.azurecr.io/service:latest": failed to resolve reference "<reg_name>.azurecr.io/service:latest": <reg_name>.azurecr.io/service:latest: not found, rpc error: code = Unknown desc = failed to pull and unpack image "<reg_name>.azurecr.io/service:latest": failed to resolve reference "<reg_name>.azurecr.io/service:latest": failed to authorize: failed to fetch anonymous token: unexpected status: 401 Unauthorized]

I created a service principal and got the principal name and password (based on: https://anupams.net/using-image-pull-secrets-with-azure-container-registry/), which I then put into a Kubernetes secret. Next, inside my deployment.yml, I used the imagePullSecrets property with the previously created secret. But it still won't work after deployment, and kubectl get pods reports the same issue:

service-deployment-cbf49bcd9-vs2jz   0/1     ImagePullBackOff   0          27m

I tried to log in using the "docker login" command with the previously created service principal credentials, and it works. But not in AKS... Thank you for the help.

On BEST ANSWER

You should use the AKS ACR integration that leverages RBAC instead of using service principals with Kubernetes secrets.

Microsoft also recommends it:

While pull secrets are commonly used, they bring additional management overhead. If you're using Azure Kubernetes Service, we recommend other options such as using the cluster's managed identity or service principal to securely pull the image without an additional imagePullSecrets setting on each pod.

You can do so with the Azure CLI, either for an existing cluster (details here) or when creating a new cluster (details here). You can also create the role assignment yourself if you are using Terraform or Bicep.

Terraform example:

  # Grant the AKS kubelet (node) identity pull access on the registry.
  # kubelet_identity is the identity the nodes pull images with; the cluster's
  # control-plane identity (identity[0].principal_id) is a different principal
  # and is not the one that needs AcrPull.
  resource "azurerm_role_assignment" "example" {
    scope                = azurerm_container_registry.acr.id
    role_definition_name = "AcrPull"
    principal_id         = azurerm_kubernetes_cluster.aks.kubelet_identity[0].object_id
  }
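The Azure CLI form of the same fix, as an added example that is not part of the original answer: attach the registry to the cluster (which creates the AcrPull assignment on the kubelet identity), verify that the kubelet identity, not the cluster's control-plane identity, actually holds AcrPull at the registry or a parent scope, and then restart the deployment so the kubelet does not wait out its back-off timer. The resource group, cluster, registry and deployment names are assumptions; the `acr_pull_covers` helper is written for this example and reads the tab-separated `roleDefinitionName`/`scope` output of `az role assignment list`, so it can be checked offline against constructed input.

```shell
#!/usr/bin/env sh
# Added example (not from the original post). Assumed names:
RG="${RG:-rg-demo}"
AKS="${AKS:-aks-demo}"
ACR="${ACR:-acrdemo}"
DEPLOY="${DEPLOY:-service-deployment}"

# acr_pull_covers LIST ACR_ID
# LIST holds "roleDefinitionName<TAB>scope" lines, exactly what
#   az role assignment list ... --query "[].[roleDefinitionName, scope]" -o tsv
# prints. Returns 0 when some AcrPull row's scope is the registry itself or a
# parent scope (resource group or subscription), which the registry inherits.
# ARM resource ids are case-insensitive, so compare lower-cased, and the match
# must end on a path-segment boundary so rg "demo" does not cover rg "demo2".
acr_pull_covers() {
  list="$1"
  acr_lc=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')
  tab=$(printf '\t')
  found=1
  while IFS="$tab" read -r role scope; do
    [ "$role" = "AcrPull" ] || continue
    scope_lc=$(printf '%s' "$scope" | tr '[:upper:]' '[:lower:]')
    rest="${acr_lc#"$scope_lc"}"
    [ "$rest" = "$acr_lc" ] && continue   # scope is not a prefix of the registry id
    case "$rest" in
      ""|/*) found=0; break ;;            # registry itself, or a parent scope
    esac
  done <<EOF
$list
EOF
  return $found
}

attach_and_verify() {
  # 1. Create the AcrPull assignment for the cluster's kubelet identity.
  #    Needs Owner or User Access Administrator on the registry.
  az aks update --name "$AKS" --resource-group "$RG" --attach-acr "$ACR"

  # 2. Verify against the identity the nodes really pull with.
  kubelet_id=$(az aks show --name "$AKS" --resource-group "$RG" \
      --query identityProfile.kubeletidentity.objectId -o tsv)
  acr_id=$(az acr show --name "$ACR" --query id -o tsv)
  assignments=$(az role assignment list --assignee "$kubelet_id" --all \
      --query "[].[roleDefinitionName, scope]" -o tsv)
  if ! acr_pull_covers "$assignments" "$acr_id"; then
    echo "kubelet identity $kubelet_id has no AcrPull covering $acr_id" >&2
    return 1
  fi

  # 3. ImagePullBackOff retries with growing delays; a rollout restart
  #    forces a fresh pull immediately.
  kubectl rollout restart deployment "$DEPLOY"
}

# Run the live procedure only when asked, so the file can be sourced for the
# helper without touching Azure.
if [ "${RUN_ACR_FIX:-0}" = "1" ]; then
  attach_and_verify
fi
```

Run it with `RUN_ACR_FIX=1 sh attach-acr.sh` after `az login`. Once the pods are pulling, the old imagePullSecrets entry and the service principal's password can be removed; the kubelet identity has no credential to leak and holds only AcrPull on the registry.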