Unable to pull new image with AKS and ACR
there are two ways to get this sorted
- Map the ACR to AKS
CLIENT_ID=$(az aks show --resource-group $AKS_RESOURCE_GROUP --name $AKS_CLUSTER_NAME --subscription $SUBSCRIPTION_ID --query "servicePrincipalProfile.clientId" --output tsv)ACR_ID=$(az acr show --name $ACR_NAME --resource-group $ACR_RESOURCE_GROUP --subscription $SUBSCRIPTION_ID --query "id" --output tsv)az role assignment create --assignee $CLIENT_ID --role Reader --scope $ACR_ID
other way is to add the Image pull secret, which will be of type kubernetes.io/dockerconfigjson
this can be done by -
kubectl create secret docker-registry regcred --docker-server=<your-registry-server> --docker-username=<your-name> --docker-password=<your-pword> --docker-email=<your-email>
Then you can refer this secret as imagePullSecret in the deployment files and the authentication error shall not be there
Got this working by disabling the Log Analytics addon using:
az aks disable-addons -a monitoring -n <AKSName> -g <ResourceGroupName>
As per one of the error messages I posted, it seems my log analytics was just causing things to fall apart (not sure why though) so disabled it for the time being and was able to update creds with
az aks update-credentials --resource-group <group>--name <aks name>--reset-service-principal --service-principal <sp id> --client-secret <client-secret>