Skip to content

Pull Images to Kubernetes

Copy Nexus Credentials into Kubernetes

As we mentioned before, the login process creates or updates a config.json file that holds an authorization token.

View the config.json file:

cat ~/.docker/config.json

The output contains a section similar to this:

{
    "auths": {
        "<EC2_PUBLIC_IP>:8082": {
            "auth": "c3R...zE2"
        }
    }
}
A Kubernetes cluster uses the secret of kubernetes.io/dockerconfigjson type to authenticate with a container registry to pull a private image.

If you already ran docker login, you can copy that credential into Kubernetes:

kubectl create secret generic regcred \
    --from-file=.dockerconfigjson=~/.docker/config.json \
    --type=kubernetes.io/dockerconfigjson

Then, add the secret to default service account.

kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "secret-name"}]}'

Here is a manifest for an example Pod that needs access to your Docker credentials:

apiVersion: v1
kind: Pod
metadata:
  name: my-private-pod
spec:
  containers:
    - name: private
      image: yourusername/privateimage:version
  imagePullSecrets:
    - name: secret-name