These are images that are not registered in the Aqua console, either via the CI/CD Pipeline or the Container Image Registries. These could be images that were pulled to a host from outside of Aqua, or before Aqua was installed on the host.
Let’s try to deploy an application whose image is not registered in Aqua. Run this command to deploy nginx.
kubectl create deploy nginx --image=nginx:latest
This will try to deploy the nginx application, but it will fail due to our runtime policy. We can check out the error by running the following command until the status of the nginx pod reports RunContainerError
:
kubectl get pods -w
You can describe the pod status as follows:
kubectl describe pod <name>
Clean up the deployment
kubectl delete deploy nginx
Now let’s register the Nginx image with Aqua using the console.
Navigate to the menu on the left and click on Images
and add an image.
Select Docker Hub in the Registry drop-down and search for nginx
with tag latest
.
Wait for the image to be scanned and registered with Aqua
Now if we create the nginx
deployment again, this time it will work.
kubectl create deploy nginx --image=nginx:latest
kubectl get po -w