Using a private registry on minikube
This post is already over two years old. It may no longer be up to date. Opinions change. If you think someone or something is wrong feel free to contact me.
When using minikube to test containers or features on your machine you might run into the situation where you would like to pull an image from a private Docker registry.
There is a simple way to enable minikube to do so by using kubectl
to create a secret, then patch the default serviceaccount to use it.
Create the secret
One way to create a secret is to supply credentials on the command line. This will add your credentials to your shell history though.
kubectl create secret docker-registry pullsecret \
--docker-server=<your-registry-server> \
--docker-username=<your-username> \
--docker-password=<your-password> \
--docker-email=<your-email>
Another solution is to use credentials from the local ~/.docker/config.json
.
kubectl create secret generic pullsecret \
--from-file=.dockerconfigjson=${HOME}/.docker/config.json \
--type=kubernetes.io/dockerconfigjson
Patch the default serviceaccount
Last step is to patch the default serviceaccount to use this secret.
kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "pullsecret"}]}'
If you don't want to patch the default serviceaccount you can also reference your secret in imagePullSecret
in your pod spec.
apiVersion: v1
kind: Pod
metadata:
name: private-pod
spec:
containers:
- name: private-container
image: <your-private-image>
imagePullSecrets:
- name: pullsecret
Done.