Using a private registry on minikube

When using minikube to test containers or features on your machine you might run into the situation where you would like to pull an image from a private Docker registry.

There is a simple way to enable minikube to do so by using kubectl to create a secret, then patch the default serviceaccount to use it.

Create the secret

One way to create a secret is to supply credentials on the command line. This will add your credentials to your shell history though.

kubectl create secret docker-registry pullsecret \
--docker-server=<your-registry-server> \
--docker-username=<your-username> \
--docker-password=<your-password> \
--docker-email=<your-email>

Another solution is to use credentials from the local ~/.docker/config.json.

kubectl create secret generic pullsecret \
--from-file=.dockerconfigjson=${HOME}/.docker/config.json \
--type=kubernetes.io/dockerconfigjson

Patch the default serviceaccount

Last step is to patch the default serviceaccount to use this secret.

kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "pullsecret"}]}'

If you don't want to patch the default serviceaccount you can also reference your secret in imagePullSecret in your pod spec.

apiVersion: v1
kind: Pod
metadata:
name: private-pod
spec:
containers:
- name: private-container
image: <your-private-image>
imagePullSecrets:
- name: pullsecret

Done.