Pull an image


Control Plane can pull container images from public or private Docker compatible repositories. Pull secrets are required when pulling images from private repositories or from another Control Plane Org. When using the Control Plane built-in private image repository provided for your org, a pull secret is not required.


Pull From Public Repositories

Use the following formats when pulling from a public repository:

  1. Amazon ECR: public.ecr.aws/REGISTRY-ALIAS/IMAGE_NAME:TAG
  2. Docker Hub: IMAGE_NAME:TAG
  4. GitHub Container Registry: ghcr.io/OWNER/IMAGE_NAME:TAG

Pull From Private Repositories

Step 1 - Create a Pull Secret

  • If pulling an image from the Control Plane private repository provided for your Org, skip to step 3.

  • If pulling an image from another Control Plane Org, continue with step 1.

  1. Create a new pull secret by either:
    • Clicking Secrets in the left menu and click New, or
    • Click the Create dropdown in the upper right corner and select Secret.
  2. Enter a unique name and optional description.
  3. From the Secret Type dropdown, select one of the following:
  4. After entering the secret content, click Next (Tags).
  5. Enter any optional tags. Click Create. The secret has been successfully created.

If you wish, the CLI can be used instead of the console.

See secret create-docker, secret create-gcp

Step 2 - Associate with a GVC

  1. Click GVC in the left menu and click the Pull Secrets link.
  2. Click the Add button, select the secret created in step 1 and click OK.
  3. Click Save. The secret is now associated with the GVC as a Pull Secret.

Step 3 - Configure Workload

  1. Refer to the Create a Workload guide and Workload reference page to create/manage your workload.

  2. For the step where the image name is entered, follow the syntax below for the target registry:


    • Control Plane (Same Org): /org/ORG_NAME/image/IMAGE_NAME:TAG or //image/IMAGE_NAME:TAG
    • Control Plane (Cross Org): ORG_NAME.registry.cpln.io/IMAGE_NAME:TAG
    • Amazon ECR: AWS_ACCOUNT_ID.dkr.ecr.REGION.amazonaws.com/IMAGE_NAME:TAG
    • Azure CR: REGISTRY.azurecr.io
    • Docker: IMAGE_NAME:TAG
    • GCR: gcr.io/IMAGE_NAME:TAG
    • GitHub Container Registry: ghcr.io/OWNER/IMAGE_NAME:TAG
  3. After creating or saving the Workload, a new deployment will be queued. Click on the Deployments link to view the deployment status. If there is an error (i.e. authentication failed), it will be display under each deployment.

Copyright © 2024 Control Plane Corporation. All rights reserved. Revision ba5c0f81