--- title: Container Registry Secrets --- # Container Registry Secrets A Kubernetes **Secret** stores a small amount of sensitive data - such as a password, token, or key - separately from your application code or container image. To let pods pull images from a private container registry, create a **Docker registry secret** and reference it from your pod specification. This keeps registry credentials out of your images and manifests. --- ## Create a Docker Registry Secret Create a secret with your registry credentials: ```bash kubectl create secret docker-registry name-secrets \ --docker-username=username \ --docker-password=pass1234 \ --docker-server=registry.e2enetworks.net ``` Replace `name-secrets` with your secret's name, and use your own registry username, password, and server. ## Use the Secret in a Pod Reference the secret with `imagePullSecrets` so the pod can pull from the private registry: ```bash cat > private-reg-pod-example.yaml << EOF apiVersion: v1 kind: Pod metadata: name: node-hello spec: containers: - name: node-hello-container image: registry.e2enetworks.net/your-repo/your-image@sha256: imagePullSecrets: - name: name-secrets EOF kubectl apply -f private-reg-pod-example.yaml ``` The pod uses `name-secrets` to authenticate to the registry when pulling the image. --- ## Related Resources | Resource | Use it for | | ------------------------------------------------------------------------------------- | --------------------------------------------- | | [Connect to a Cluster](/docs/myaccount/kubernetes/getting-started/connect-to-cluster) | kubeconfig and `kubectl` setup. | | [Object Storage](/docs/myaccount/kubernetes/guides/object-storage) | Store and pull artifacts from object storage. | | [Kubernetes Guides](/docs/myaccount/kubernetes/guides) | More in-cluster how-tos. |