When a Kubernete's pod or deployment pull the container image, the easiest way is to host the image in Dockerhub. However, sometimes you need to host the image in a private registry, therefore, you need to create a secret in Kubernetes to store the credentials and enable the pod to pull the image from the private registry.
Step 1: Create a secret
Using the kubectl command, create a secret as follows:
kubectl create secret generic dockerhub \ --from-file=.dockerconfigjson=~/.docker/config.json \ --type=kubernetes.io/dockerconfigjson The create secret command creates a secret with the name dockerhub and the type kubernetes.io/dockerconfigjson. The --from-file flag specifies that the secret should be created from the file .dockerconfigjson in the home directory of the user, and, the kubernetes.io/dockerconfigjson type is used to specify that the secret is in the format of a Docker configuration file.
Step 2: Specify the secret in the Pod definition
In the spec section of the Pod definition, add the following lines:
imagePullSecrets: - name: dockerhub The imagePullSecrets field specifies that the pod should use the secret to pull the image from the private registry. The name field specifies the name of the secret. A complete example of the Pod definition is shown below:
--- apiVersion: v1 kind: Pod metadata: name: my-app spec: containers: - name: my-app-container image: my-docker-hub-user/my-app-image imagePullSecrets: - name: dockerhub Step 3: Deploy the Pod
The Pod is now ready to be deployed in the Kubernetes cluster using the private image.
kubectl apply -f my-app.yaml 
Top comments (0)