2

Today I want to add a docker registry credential in kubernetes v1.21.3 (it works fine in lower version of kubernetes but have problem in new version of kubernetes):

kubectl create secret docker-registry regcred \
--docker-server=registry.cn-hangzhou.aliyuncs.com \
--docker-username=docker654321 \
--docker-password=$balabala123 \
--docker-email=foo@gmail.com \
-n reddwarf-pro

but it tell me:

error: either --from-file or the combination of --docker-username, --docker-password and --docker-server is required

what should I do to add docker registry crediential into this cluster? This is the version info:

[root@k8smasterone ~]# kubectl version
Client Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.3", GitCommit:"ca643a4d1f7bfe34773c74f79527be4afd95bf39", GitTreeState:"clean", BuildDate:"2021-07-15T21:04:39Z", GoVersion:"go1.16.6", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.2", GitCommit:"092fbfbf53427de67cac1e9fa54aaa09a28371d7", GitTreeState:"clean", BuildDate:"2021-06-16T12:53:14Z", GoVersion:"go1.16.5", Compiler:"gc", Platform:"linux/amd64"}
AdminBee
  • 22,803
Dolphin
  • 609

1 Answers1

1

The root of the problem

The --docker-password argument was supplied a value which contained a Shell special character - the $. The shell, which pre-processes the command line arguments before they are passed to the actual program (kubectl) therefore mistook the statement $balabala123 as referring to a shell variable named balabala123 and replaced it with the content of that shell variable. But there was no such shell variable or (environment variable) defined, so the string $balabala123 was replaced with "nothing", and kubectl instead saw:

--docker-password= \

The reason for the error message is that

The solution

Escape the special character: In the current setting, the $ is the only character special to the shell, so we only need to escape this one.

kubectl create secret docker-registry regcred \
--docker-server=registry.cn-hangzhou.aliyuncs.com \
--docker-username=docker654321 \
--docker-password=\$balabala123 \
--docker-email=foo@gmail.com \
-n reddwarf-pro

The same problem was also dicussed on the kubernetes bug report forum.

AdminBee
  • 22,803
Dolphin
  • 609
  • it is helpful to know how shell parse the command but I obviously did not know. So it hard to aware of some implicit problem.@AdminBee So I just tried to escape the special $ and it works, I also did not know any more, why the @ not escape and works? – Dolphin Aug 05 '21 at 07:20
  • 2
    The @ is in no way special to the shell and therefore does not need escaping or quoting. Personally, I would recommend single-quoting strings containing special characters (--docker-password='$balabala123') rather than escaping individual characters (which works, but which makes for ugly code and which is fiddly). – Kusalananda Aug 05 '21 at 08:06