Check all images with latest tag (or no tag at all) that have the 'imagePullPolicy' field set to 'Never' or 'IfNotPresent'. If exist, Kubernetes may run older version of the container images (if they happen to be cached on a node) without user knowing about this.
CronJob, DaemonSet, Deployment, Job, Pod, ReplicaSet, StatefulSet
Check all images that have latest tag or have no tag, and have the 'imagePullPolicy' field set to 'Never' or 'IfNotPresent'.
Use 'imagePullPolicy' field set to 'Always'. It will not pull images if they have the same digest as the cached one.
apiVersion: v1 kind: Pod metadata: name: private-image-test-1 spec: containers: - name: uses-private-image) image: gcr.io/google-samples/microservices-demo/loadgenerator:latest # we look at the image tag (afer the ":") imagePullPolicy: Always # we look at this field command: [ "echo", "SUCCESS" ]
Updated 6 months ago