Pulling Docker Container from Private Registry in Kubernetes
To pull a docker container from a private registry, create a docker-registry secret via:
kubectl create secret docker-registry regcred --docker-server=https://index.docker.io/v1/ --docker-username=xxx --docker-password=xxx --docker-email=xxx
Make sure to replace the username / password / email with your information. Also, replace the docker server url if using a registry different from docker hub.
Common registry server urls are (saving these for later, because sometimes these are annoying to find)
- Docker hub:
https://index.docker.io/v1/ - Github Actions:
docker.pkg.github.com/[owner]/[repo] - Quay:
quay.io - Google Container Registry:
gcr.io(global endpoint, might need to use a regional one) - Amazon Elastic Container Registry:
[aws_account_id].dkr.ecr.[region].amazonaws.com - Azure Container Registry:
[registry_name].azurecr.io
Example using the secret in deployment config:
apiVersion: apps/v1
kind: Deployment
metadata:
name: whoami
spec:
replicas: 1
selector:
matchLabels:
app: whoami
template:
metadata:
labels:
app: whoami
spec:
containers:
- name: whoami-container
image: d3or/whoami
ports:
- containerPort: 3000
imagePullSecrets:
- name: regcred