This article shows how to use secrets to pull an image from a private Docker registry.



Incredibly powerful, Kubernetes offer a simple way to manage your secrets and customize the default registry (Docker Hub).

In this example, we’ll use the Gilab Container Registry service.


Let’s go!

Create a file ~/.dockerconfig with your registry credentials on your local machine.


Export variables from~/.dockerconfig.


To verify the configuration.


You should have the same output:


Everything is ok, let’s create Kubernetes gitlab-registry secret.


It’s time to test it!


To check if your private image has been pulled, your can:




To remove the created pod.


To remove local Docker configuration.


To sharing the secret across multiple Kubernetes namespaces.



  • Chris
    Posted on 23 novembre 2018 at 17 h 57 min

    Hi there,
    actually i am trying this in my MacOSX bash but i got several errors by executing the command, like
    eval $(cat ~/.dockerconfig) i need to make it eval cat ~/.dockerconfig
    Also the « export » infront of the lines for the config file are taken into the enviroment variables, so they are not displayed afterwards like ion your example via printenv | grep DOCKER – instead they all have an « export » infront of every line. For which environment/syntax your example is actually? I am very thankful to find finally an article related to this topic, but now it unfortunately does not work properly for me … thx

    • Dimitri DO BAIRRO
      Posted on 11 décembre 2018 at 17 h 33 min

      Hello @Chris,

      Before beginning, thank you for this feedback.

      The article has been updated, you must have to use source instead of:
      eval $(cat ~/.dockerconfig)

      Have a nice day ?


Leave a comment