How to use Kubernetes Secret to pull private Docker Images from DockerHub
Usman Ahmad
Posted on March 27, 2023
In this article, you will learn how we pull the private docker image from DockerHub using Kubernetes Secret and create a Kubernetes Pod from the docker private image.
Docker Hub:
Docker Hub is a hosted repository service provided by Docker for finding and sharing container images with your team. Key features include Private Repositories: Push and pull container images. Automated Builds: Automatically build container images from GitHub and Bitbucket and push them to Docker Hub.
Kubernetes Secrets:
A Secret is an object that contains a small amount of sensitive data such as a password, a token, or a key. Such information might otherwise be put in a Pod specification or in a container image. Using a Secret means that you don’t need to include confidential data in your application code.
Example:
To use a secret to pull a private image from a container registry, you can create a “imagePullSecrets” field in your deployment or pod YAML file. Here’s an example:
Step1: Create a secret
kubectl create secret docker-registry my-registry-secret \
— docker-username=DOCKER_USER \
— docker-password=DOCKER_PASSWORD \
— docker-email=DOCKER_EMAIL
Replace the DOCKER_REGISTRY_SERVER, DOCKER_USER, DOCKER_PASSWORD, and DOCKER_EMAIL with your container registry server address, username, password, and email respectively.
Step2: My Dockerhub account, where I have my private docker image
Step3: Create a deployment file with “imagePullSecrets”
Modify your deployment or pod YAML file to include the imagePullSecrets field:
In this example, we added the imagePullSecrets field to the deployment YAML file, and set the value to the name of the secret we created in step 1 (my-registry-secret). Kubernetes will use this secret to authenticate with the container registry when pulling the private-registry/my-image image.
When you apply the modified YAML file to your cluster, Kubernetes will use the specified secret to authenticate with the container registry and pull the private image.
Step4: Final result
For this article I am using “minikube” cluster, so you can see that before creating the deployment we don’t have the docker image “usm87/jenkins-cicd-maven-project:v4”
After creating the deployment, below are the Pod event logs
Now you can see we have the docker image “usm87/jenkins-cicd-maven-project:v4” pulled from the docker hub successfully.
Posted on March 27, 2023
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.
Related
November 29, 2024
November 14, 2024