Error response from daemon: pull access denied for mynamespace-replaceme/goldpinger, repository does not exist or may require 'docker login'

[gjcarneiro]

In your README "Example YAML", the docker image does not exist.

Error response from daemon: pull access denied for mynamespace-replaceme/goldpinger, repository does not exist or may require 'docker login'

[marcosdiez]

That's because that repository does not exist. Apparently Bloomberg is not publishing the binaries.
You can just compile yourself or use a random one from docker hub, like image: "gokulpch/goldpinger:1.0.2" (which I found but have no affiliation whatsoever with the author)

I also had some RBAC permission issues, so this is my whole working YAML file:
The last section should be improved to harden security, but I am still using it in a test cluster.

---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: goldpinger
  labels:
    app: goldpinger
spec:
  updateStrategy:
    type: RollingUpdate
  selector:
    matchLabels:
      app: goldpinger
  template:
    metadata:
      labels:
        app: goldpinger
    spec:
      containers:
        - name: goldpinger
          env:
            - name: HOST
              value: "0.0.0.0"
            - name: PORT
              value: "80"
            # # kubeconfig needs to match the location of what's injected in the secret
            # # if not specified goldpinger will default to using in-cluster config
            # - name: KUBECONFIG
            #   value: "./kube/config"
            # refresh interval (seconds) tells goldpinger to call every other instance with that frequency (set to 0 to disable)
            - name: REFRESH_INTERVAL
              value: "30"
            # injecting real hostname will make for easier to understand graphs/metrics
            - name: HOSTNAME
              valueFrom:
                fieldRef:
                  fieldPath: spec.nodeName
          image: "gokulpch/goldpinger:1.0.2"
          ports:
            - containerPort: 80
              name: http
---
apiVersion: v1
kind: Service
metadata:
  name: goldpinger
  labels:
    app: goldpinger
spec:
  type: NodePort
  ports:
    - port: 80
      nodePort: 30080
      name: http
  selector:
    app: goldpinger
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: default-view
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: view
subjects:
  - kind: ServiceAccount
    name: default
    namespace: default

[seeker89]

@gjcarneiro @marcosdiez that's correct, we are not providing docker images for security reasons, and are encouraging building them from the source yourself. That's why the template has the mynamespace-replaceme/goldpinger portion of it.

@marcosdiez we should probably add an authorization rule in the example config to get people started even more easily.

[gjcarneiro]

I honestly don't understand this "for security reasons". If everyone did this, we wouldn't have any docker images. Even Kubernetes itself publishes docker images (gcr.io/google_containers/hyperkube). Imagine if everyone had to build their own hyperkube image?...

[seeker89]

@gjcarneiro Unfortunately it's currently our policy to encourage people to build their own images for compliance and security vulnerability management.

[seeker89]

Just for anyone seeing this issue, official docker images have been available for a while now:

docker pull bloomberg/goldpinger:v3.0.0