Kubernetes version: 1.18
Cloud being used: AWS
I’ve created a secret for dockerhub authentication, and I’m referencing it in a pod imagePullSecrets entry to authenticate to dockerhub.
I understand the recommended way to allow workloads in different namespaces to authenticate would be to create the secret in each namespace, adn reference that secret in the pods imagePullSecrets.
But I would like to only create the secret in one namespace, then reference that secret in the imagePullSecrets in other namespaces.
I realise secrets are namespace scoped, but I am attempting to make the secret available through rbac (ClusterRole and ClusterRolebinding allowing the pods service account to read the secret in the other namespace).
In the pod spec, I am attempting to reference the secret like this:
imagePullSecrets: - name: kube-system.dockerhub-credentials
Where the namespace the secret is stored is kube-system.
So far I have not had any success with this. I am wondering if this is simply not possible, or if my rbac rules are incorrect. Has anyone else tried this/had any success?