This topic describes how to create a private image repository in the Container Registry console and use an image in this repository to create an application in the Container Service console.

Create a private image repository

If this is your first time opening the Container Registry console, you will be prompted to enable Container Registry first. Click Enable Now to set a Container Registry logon password.

  1. Log on to the Container Service console.
  2. In the left-side navigation pane, click Image Repositories. Select the target region and click Create Image Repository.
  3. In the dialog box that appears, set the following parameters: namespace, name, digest, and type. In this example, set the repository type to Private. Click Next.
  4. Select Local Repository and click Create Image Repository.
  5. On the Image Repositories page, select the target region and namespace, find the newly created image repository, and click Manage in the Actions column.
  6. On the General Settings page, you can find instructions on how to use the private image repository.
  7. Log on to the image repository through a Linux server and run the following commands to upload a local image to this repository: 
    $ sudo docker login --username=abc@aliyun.com
 Password                                                                                 ## the password for accessing the image repository
 Login Succeed

$ docker images                                                                             # a tomcat image is used
REPOSITORY                                                                 TAG                 IMAGE ID            CREATED             SIZE
tomcat                                                                     latest              2d43521f2b1a        6 days ago          463MB

$ sudo docker tag [ImageId] registry.cn-hangzhou.aliyuncs.com/XXX/tomcat-private:[Image Version Number]           
$ sudo docker push registry.cn-hangzhou.aliyuncs.com/XXX/tomcat-private:[Image Version Number]

    The output is as follows:

    The push refers to a repository [registry.cn-hangzhou.aliyuncs.com/XXX/tomcat-private]
9072c7b03a1b: Pushed
f9701cf47c58: Pushed
365c8156ff79: Pushed
2de08d97c2ed: Pushed
6b09c39b2b33: Pushed
4172ffa172a6: Pushed
1dccf0da88f3: Pushed
d2070b14033b: Pushed
63dcf81c7ca7: Pushed
ce6466f43b11: Pushed
719d45669b35: Pushed
3b10514a95be: Pushed
V1: digest: sha256:cded14cf64697961078aedfdf870e704a52270188c8194b6f70c778a8289**** size: 2836
  8. Go to the details page of the image repository. In the left-side navigation pane, choose Image Versions and verify that the local image is uploaded to the repository.

Create a private repository logon secret

  1. In the left-side navigation pane, choose Configuration > Secrets.
  2. Select the target cluster and namespace. Click Create in the upper-right corner.
  3. Configure the secret and click OK.
  4. You can find the newly created secret on the Secrets page.

You can also Connect to Kubernetes clusters through kubectl to create a private repository logon secret.

Use the private image repository to create an application

  1. In the left-side navigation pane, choose Applications > Deployments to go to the Deployments page.
  2. Select the target cluster and namespace, and click Create from Template in the upper-right corner.
    Note You can also click Create from Image to create an application. For more information, see Use an image Secret.
  3. Select Custom from the Sample Template drop-down list. Copy and paste the following code to the Template area and then click Create. 
    apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1
kind: Deployment 
metadata: 
  name: private-image
  nameSpace: default  
  labels:  
    app: private-image  
spec:   
  replicas: 1
  selector:
    matchLabels:
      app: private-image
  template:
    metadata:
      labels:
        app: private-image
    spec:
      containers:     - name: private-image
        image: registry.cn-hangzhou.aliyuncs.com/xxx/tomcat-private:latest
        ports:
        - containerPort: 8080
      imagePullSecrets:
      - name: regsecret

For more information, see Use a private registry.