Skip to content

Pull Docker Images from ACR using Service Principal and Run on Azure Virtual Nodes

Docker Manifests

Step-01: Introduction

  • We are going to pull Images from Azure Container Registry which is not attached to AKS Cluster.
  • We are going to do that using Azure Service Principals.
  • Build a Docker Image from our Local Docker on our Desktop
  • Push to Azure Container Registry
  • Create Service Principal and using that create Kubernetes Secret.
  • Using Kubernetes Secret associated to Pod Specificaiton, pull the docker image from Azure Container Registry and Schedule on Azure AKS Virtual Nodes

Image

Azure Kubernetes Service with Azure DevOps and Terraform

Step-02: Build Docker Image Locally

# Change Directory
cd docker-manifests

# Docker Build
docker build -t acr-app3:v1 .

# List Docker Images
docker images
docker images acr-app3:v1

Step-03: Run locally and test

# Run locally and Test
docker run --name acr-app3 --rm -p 80:80 -d acr-app3:v1

# Access Application locally
http://localhost

# Stop Docker Image
docker stop acr-app3

Step-04: Enable Docker Login for ACR Repository

  • Go to Services -> Container Registries -> acrdemo2ss
  • Go to Access Keys
  • Click on Enable Admin User
  • Make a note of Username and password

Step-05: Push Docker Image to Azure Container Registry

Build, Test Locally, Tag and Push to ACR

# Export Command
export ACR_REGISTRY=acrdemo2ss.azurecr.io
export ACR_NAMESPACE=app3
export ACR_IMAGE_NAME=acr-app3
export ACR_IMAGE_TAG=v1
echo $ACR_REGISTRY, $ACR_NAMESPACE, $ACR_IMAGE_NAME, $ACR_IMAGE_TAG

# Login to ACR
docker login $ACR_REGISTRY

# Tag
docker tag acr-app3:v1  $ACR_REGISTRY/$ACR_NAMESPACE/$ACR_IMAGE_NAME:$ACR_IMAGE_TAG
It replaces as below
docker tag acr-app3:v1 acrdemo2ss.azurecr.io/app3/acr-app3:v1

# List Docker Images to verify
docker images acr-app3:v1
docker images $ACR_REGISTRY/$ACR_NAMESPACE/$ACR_IMAGE_NAME:$ACR_IMAGE_TAG

# Push Docker Images
docker push $ACR_REGISTRY/$ACR_NAMESPACE/$ACR_IMAGE_NAME:$ACR_IMAGE_TAG

Verify Docker Image in ACR Repository

  • Go to Services -> Container Registries -> acrdemo2ss
  • Go to Repositories -> app3/acr-app3

Step-06: Review & Update Deployment Manifest with Image Name, ImagePullSecrets

    spec:
      containers:
        - name: acrdemo-localdocker
          image: acrdemo2ss.azurecr.io/app3/acr-app3:v1
          imagePullPolicy: Always
          ports:
            - containerPort: 80
      imagePullSecrets:
        - name: acrdemo2ss-secret

Step-07: Review & Update Deployment Manifest with NodeSelector

# To schedule pods on Azure Virtual Nodes            
      nodeSelector:
        kubernetes.io/role: agent
        beta.kubernetes.io/os: linux
        type: virtual-kubelet
      tolerations:
      - key: virtual-kubelet.io/provider
        operator: Exists
      - key: azure.com/aci
        effect: NoSchedule

Step-08: Deploy to AKS and Test

# Deploy
kubectl apply -f kube-manifests/

# List Pods
kubectl get pods -o wide

# Get Load Balancer IP
kubectl get svc

# Access Application
http://<External-IP-from-get-service-output>

Step-07: Clean-Up

# Delete Applications
kubectl delete -f kube-manifests/

# Delete Container Registry
Go to Services -> Container Registries -> acrdemo2ss -> Delete

# Delete AKS Cluster
Go to Services -> Resource Groups -> aks-rg2 -> Delete

Best Selling Azure Kubernetes Service Course on Udemy

Image

Best Selling AWS EKS Kubernetes Course on Udemy

Image

HashiCorp Certified Terraform Associate - 50 Practical Demos

Image

Stay Updated — Weekly Kubernetes guides, cloud tips & DevOps strategies.

🎉 New Course
Ultimate DevOps Real-World Project Implementation on AWS
$15.99 $84.99 81% OFF
DEVOPS2026FEB
Enroll Now on Udemy
🎉 Offer