Back to Posts

Kubernetes setup Dockerhub secret

When a Kubernete’s pod or deployment pull the container image, the easiest way is to host the image in Dockerhub. However, sometimes you need to host the image in a private registry, therefore, you need to create a secret in Kubernetes to store the credentials and enable the pod to pull the image from the private registry.

Step 1: Create a secret

Using the kubectl command, create a secret as follows:

kubectl create secret generic dockerhub \
    --from-file=.dockerconfigjson=~/.docker/config.json \

The create secret command creates a secret with the name dockerhub and the type The --from-file flag specifies that the secret should be created from the file .dockerconfigjson in the home directory of the user, and, the type is used to specify that the secret is in the format of a Docker configuration file.

Step 2: Specify the secret in the Pod definition

In the spec section of the Pod definition, add the following lines:

  - name: dockerhub

The imagePullSecrets field specifies that the pod should use the secret to pull the image from the private registry. The name field specifies the name of the secret. A complete example of the Pod definition is shown below:

apiVersion: v1
kind: Pod
  name: my-app
  - name: my-app-container
    image: my-docker-hub-user/my-app-image
  - name: dockerhub

Step 3: Deploy the Pod

The Pod is now ready to be deployed in the Kubernetes cluster using the private image.

kubectl apply -f my-app.yaml
Back to Posts