Configuring the environment for service custom deployment

Create a Docker image in the project and install necessary dependencies in the build script. Build the image.

Create a secret with a password for your container registry.

If you are using a registry created in Yandex Container Registry, authenticate using the authorized key for the service account that has the required roles and is specified in the project settings:

1. If you do not have the Yandex Cloud command line interface yet, install and initialize it.

2. Get authorized keys for your service account and save them to the key.json file:

   yc iam key create --service-account-name default-sa -o key.json
   

   Result:

   id: aje8a87g4eaj********
   service_account_id: aje3932acde3********
   created_at: "2019-05-31T16:56:47Z"
   key_algorithm: RSA_2048
   

3. Run this command:

   cat key.json | docker login \
     --username json_key \
     --password-stdin \
     cr.yandex
   

   Where:

   • cat key.json writes the contents of the key file to the output stream.
   • --password-stdin allows the password to be read from the input stream.

   Result:

   Login Succeeded
   

Upload the Docker image to the container registry. To do this, run the cell with the code:

#!:docker-publish <image_name>:<image_tag> cr.yandex/<image_path>:<tag>

• <image_name>: Image name in DataSphere.
• <image_tag>: Image tag in DataSphere.
• <image_path>: Path to the Container Registry image in the cr.yandex/<registry_ID format.>/<image_name>;
• <tag>: Image tag.

During the uploading, specify the username and choose a secret with a password. For authorization in Container Registry, provide the json_key token type as username and enter the secret instead of password.

In the node creation form, specify the path to the image in this format: cr.yandex/<registry_address>:<tag>.