Introduce support for container secrets for @kubernetes #1261
Comments
|
Any news with this issue? The secrets support is pretty basic requirement to be able to use Metaflow with AKS. |
|
@GregAru it is on our short term roadmap to add image pull secrets to Metaflow but that shouldn't block Metaflow usage at all given that one can add those to the service account today (as linked in the URL above) |
nschmeller
added a commit
to nschmeller/metaflow
that referenced
this issue
May 8, 2025
This commit adds support for specifying Kubernetes container image pull secrets in the `kubernetes` step decorator. As an example: ```python @kubernetes( image='docker.io/some-private-repo/image', image_pull_secrets=['regcred'] ) @step def some_step: ... ``` Example output from `kubectl describe pod <some-pod>` on the `metaflow-dev` stack where `metaflow` was installed via `pip install -e </path/to/repo/checkout>: ```console Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 1m default-scheduler Successfully assigned default/t-f03abf3d-2rpgp-j72q8 to minikube Normal Pulling 1m kubelet Pulling image "docker.io/some-private-repo/image" Normal Pulled 1m kubelet Successfully pulled image "docker.io/some-private-repo/image" in 669ms (670ms including waiting) Normal Created 1m kubelet Created container some-step Normal Started 1m kubelet Started container some-step ``` Resolves Netflix#1261
nschmeller
added a commit
to nschmeller/metaflow
that referenced
this issue
May 8, 2025
This commit adds support for specifying Kubernetes container image pull secrets in the `kubernetes` step decorator. As an example: ```python @kubernetes( image='docker.io/some-private-repo/image', image_pull_secrets=['regcred'] ) @step def some_step: ... ``` Example output from `kubectl describe pod <some-pod>` on the `metaflow-dev` stack where `metaflow` was installed via `pip install -e </path/to/repo/checkout>`: ```console Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 1m default-scheduler Successfully assigned default/t-f03abf3d-2rpgp-j72q8 to minikube Normal Pulling 1m kubelet Pulling image "docker.io/some-private-repo/image" Normal Pulled 1m kubelet Successfully pulled image "docker.io/some-private-repo/image" in 669ms (670ms including waiting) Normal Created 1m kubelet Created container some-step Normal Started 1m kubelet Started container some-step ``` Resolves Netflix#1261
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
as an alternate to https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account
The text was updated successfully, but these errors were encountered: