Using a private registry on minikube

When using minikube to test containers or features on your machine you might run into the situation where you would like to pull an image from a private Docker registry.

There is a simple way to enable minikube to do so by using kubectl to create a secret, then patch the default serviceaccount to use it.

Create the secret

One way to create a secret is to supply credentials on the command line. This will add your credentials to your shell history though.

kubectl create secret docker-registry pullsecret \
    --docker-server=<your-registry-server> \
    --docker-username=<your-username> \
    --docker-password=<your-password> \
    --docker-email=<your-email>

Another solution is to use credentials from the local ~/.docker/config.json.

kubectl create secret generic pullsecret \
    --from-file=.dockerconfigjson=${HOME}/.docker/config.json \
    --type=kubernetes.io/dockerconfigjson

Patch the default serviceaccount

Last step is to patch the default serviceaccount to use this secret.

kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "pullsecret"}]}'

If you don’t want to patch the default serviceaccount you can also reference your secret in imagePullSecret in your pod spec.

apiVersion: v1
kind: Pod
metadata:
  name: private-pod
spec:
  containers:
  - name: private-container
    image: <your-private-image>
  imagePullSecrets:
  - name: pullsecret

Done.