kubernetes / Allow pull from gcr

file.txt

Go to the Google Developer Console > Api Manager > Credentials and click "Create credentials" and create a "service account key"
Under "service account" select new and name the new key "gcr" (let the key type be json)
Create the key and store the file on disk (from here on we assume that it was stored under ~/secret.json)
Now login to GCR using Docker from command-line:

$ docker login -e [email protected] -u _json_key -p "$(cat ~/secret.json)" https://eu.gcr.io

This will generate an entry for "https://eu.gcr.io" in your ~/.docker/config.json file.
Copy the JSON structure under "https://eu.gcr.io" into a new file called "~/docker-config.json", remove newlines! For example:

{"https://eu.gcr.io": { "auth": "<key>","email": "[email protected]"}}
Base64 encode this file:

$ cat ~/docker-config.json | base64
This will print a long base64 encoded string, copy this string and paste it into an image pull secret definition (called ~/pullsecret.yaml):

apiVersion: v1
kind: Secret
metadata:
  name: mykey
data:
  .dockercfg: <pase base64 encoded string here>
type: kubernetes.io/dockercfg
Now create the secret:

$ kubectl create -f ~/pullsecret.yaml
Now you can use this pull secret from a pod, for example:

apiVersion: v1
kind: Pod
metadata: 
  name: foo
  namespace: awesomeapps
spec: 
  containers: 
    - image: "janedoe/awesomeapp:v1"
      name: foo
  imagePullSecrets: 
    - name: mykey