Use custom images from private registries

From Neo4j 4.4.4, you can use custom images from private registries by adding new or existing imagePullSecrets.

Add an existing imagePullSecret

You can use an existing imagePullSecret for your Neo4j deployment by specifying its name in the values.yaml file. The Neo4j Helm chart checks if the provided imagePullSecret exists in the Kubernetes cluster and uses it. If a Secret with the given name does not exist in the cluster, the Neo4j Helm chart throws an error.

For more information on how to set your Docker credentials in the cluster as a Secret, see the Kubernetes documentation.

Using an already existing Secret mysecret
# values.yaml
# Override image settings in Neo4j pod
image:
  imagePullPolicy: IfNotPresent
  # set a customImage if you want to use your own docker image
  customImage: demo_neo4j_image:v1

  #imagePullSecrets list
  imagePullSecrets:
      - "mysecret"

Create and add a new imagePullSecret

Alternatively, you can create a new imagePullSecret for your Neo4j deployment by defining an equivalent imageCredential in the values.yaml file.

The Neo4j Helm chart creates a Secret with the given name and uses it as an imagePullSecret to pull the custom image defined. The following example shows how to define a private docker registry imageCredential with the name mysecret.

Creating and adding mysecret as the imagePullSecret to the cluster.
# values.yaml
# Override image settings in Neo4j pod
image:
  imagePullPolicy: IfNotPresent
  # set a customImage if you want to use your own docker image
  customImage: custom_neo4j_image:v1

  #imagePullSecrets list
  imagePullSecrets:
      - "mysecret"

  #imageCredentials list for which Secret of type docker-registry will be created automatically using the details provided
  # password and name are compulsory fields for an imageCredential, without these fields helm chart will throw an error
  # registry, username, and email are optional fields, but either the username or the email must be provided
  # imageCredential name should be part of the imagePullSecrets list or else the respective imageCredential will be ignored and no Secret creation will be done
  # In case of a Secret already pre-existing you don't need to mention the imageCredential, just add the pre-existing secretName to the imagePullSecret list
  # and that will be used as an imagePullSecret
  imageCredentials:
    - registry: "https://index.docker.io/v1/"
      username: "myusername"
      password: "mypassword"
      email: "myusername@example.com"
      name: "mysecret"