Kubernetes - How to Configure Docker Repository to Pull Image and Configure Secret

Introduction

In most of cases, you are not pulling images from docker hub public repository. You might have your private registry or repository configured in your premises. In that case, you need to tell kubernetes how to pull images from that repository.

Create Docker-Config json file

First, you need to create docker-config json file. Filename: docker-config.json

Assumming, I have registry/repository host as: my-docker-repository.com Example:

{
    "auths": {
        "my-docker-repository.com": {
            "username": "<username>",
            "password": "<artifactory token>",
            "email": "<email>",
            "auth": "<base64(username:token)>"
        }
    }
}

Note: The auth above is calculated as base64 of "username:token".

You might have multiple repositories. In that case, just add multiple such json like below:

{
  "auths":{
    "<repo1>":{
      "username": "",
      "password": "",
      "email": "",
      "auth": ""
    },
    "<repo2>":{
      "username": "",
      "password": "",
      "email": "",
      "auth": ""
    },
    "<repo3>":{
      "username": "",
      "password": "",
      "email": "",
      "auth": ""
    },
  }
}

Shell Script for Creating Secret

Below is the script for creating kubernetes secret.

kubectl create secret generic dockerreg_cred --from-file=.dockerconfigjson=./secret/prod/docker-config.json --type=kubernetes.io/dockerconfigjson

Where, I have placed the docker-config.json file at secret/prod/docker-config.json.

Above script will create a kubernetes secret. Now, is the time to use this secret while pulling docker image.

Sample Deployment Yaml Config file

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-api
  labels:
    app: my-api
spec:
  replicas: 1
  selector:
    matchLabels:
      app: my-api
  template:
    metadata:
      labels:
        app: my-api
    spec:
      containers:
      - name: my-api
        image: my-docker-repo.com/apps/head/my-api:latest
        imagePullPolicy: Always
        envFrom:
        - configMapRef:
            name: my-api-config
        ports:
        - containerPort: 8080
        volumeMounts:
            - name: my-api-pvc
              mountPath: /var/opt
        resources:
          limits:
            cpu: 2
            memory: 4Gi
          requests:
            cpu: 2
            memory: 4Gi
      imagePullSecrets:
      - name: dockerreg_cred
      volumes:
        - name: my-api-pvc
          persistentVolumeClaim:
            claimName: my-pvc

Note the section:

imagePullSecrets:
  - name: dockerreg_cred

You are all set.

Kubernetes - How to Configure Docker Repository to Pull Image and Configure Secret

Introduction

Create Docker-Config json file

Shell Script for Creating Secret

Sample Deployment Yaml Config file

Related Posts

Kubernetes - How to Solve Gateway Timeout with Http Statuscode Error 504

Kubernetes - How to Set Namespace So You Do Not Need to Mention it Again and Again in Kubectl Commands.

How to Copy Local Docker Image to Another Host Without Repository and Load

How to configure Grafana (Free version) with oAuth Okta, with SSL on Kubernetes

How to connect to a running mysql service on host from a docker container on same host

Docker: unauthorized: incorrect username or password.

Latest Posts

Claude Code Skills — Build a Better Engineering Workflow with AI-Powered Code Reviews, Security Scans, and More

Server Security Best Practices — Complete Hardening Guide for Production Systems

Staff Engineer Study Plan for MAANG Interviews — The Complete 12-Week Roadmap

XSS and CSRF Explained — The Complete Guide with Real Attack Examples and Defenses

OWASP Top 10 (2021) — Every Vulnerability Explained with Code

HTTP Cookies Security — Everything Developers Get Wrong