Unregistered Images

These are images that are not registered in the Aqua console, either via the CI/CD Pipeline or the Container Image Registries. These could be images that were pulled to a host from outside of Aqua, or before Aqua was installed on the host.

Let’s try to deploy an application whose image is not registered in Aqua. Run this command to deploy nginx.

kubectl create deploy nginx --image=nginx:latest

This will try to deploy the nginx application, but it will fail due to our runtime policy. We can check out the error by running the following command until the status of the nginx pod reports RunContainerError:

kubectl get pods -w

nginx-create

You can describe the pod status as follows:

kubectl describe pod <name>

aqua-error

Clean up the deployment

kubectl delete deploy nginx

Registering an image with Aqua

Now let’s register the Nginx image with Aqua using the console.

Navigate to the menu on the left and click on Images and add an image. add-img1

Select Docker Hub in the Registry drop-down and search for nginx with tag latest. add-img2

Wait for the image to be scanned and registered with Aqua img-scanned

Now if we create the nginx deployment again, this time it will work.

kubectl create deploy nginx --image=nginx:latest
kubectl get po -w

img-registered