Young Gyu Kim <credemol@gmail.com>

Push Docker Image to Docker Hub

On this page

Introduction
Overview: Service Foundry Builder Requirements
- Prerequisites
Step-by-Step Guide to Push a Docker Image to Docker Hub
4. Create a Docker Registry Secret
Conclusion
References

Introduction

Kaniko is a tool for building container images from a Dockerfile within a container or Kubernetes cluster. Unlike traditional Docker builds, Kaniko operates entirely in user space and does not require a Docker daemon.

This tutorial is the first part of a Kaniko series and walks you through building a basic Docker image and pushing it to Docker Hub using Kubernetes.

Reference: Based on the official Kaniko documentation:

https://github.com/GoogleContainerTools/kaniko/blob/main/docs/tutorial.md

Overview: Service Foundry Builder Requirements

Service Foundry Builder supports the following:

Runs in containers (Kubernetes-native)
Deploys Service Foundry modules
Builds and pushes Docker images to container registries such as Docker Hub, ACR, and ECR

Prerequisites

A running Kubernetes cluster
kubectl installed and configured
Docker Hub (or any container registry) account for pushing images

Step-by-Step Guide to Push a Docker Image to Docker Hub

1. Define a Dockerfile

We’ll use a simple “Hello World” Dockerfile:

dockerfile

FROM ubuntu
ENTRYPOINT ["/bin/bash", "-c", "echo Hello Kaniko at $(date)"]

2. Create a Kubernetes Namespace

Create the kaniko namespace for the build process:

$ kubectl get namesapce kaniko &> /dev/null || kubectl create namespace kaniko

3. Create a ConfigMap for the Dockerfile

Create a ConfigMap to save the dockerfile.

$ kubectl -n kaniko create configmap kaniko-helloworld-dockerfile \
  --from-file=dockerfile \
  --dry-run=client -o yaml \
  | yq eval 'del(.metadata.creationTimestamp)' \
  > kaniko-helloworld-dockerfile-configmap.yaml

$ kubectl apply -f kaniko-helloworld-dockerfile-configmap.yaml

4. Create a Docker Registry Secret

Prepare environment variables for your Docker Hub credentials:

$ DOCKER_SERVER=https://index.docker.io/v1/
$ DOCKER_USERNAME=your_username
$ DOCKER_PASSWORD=your_password
$ DOCKER_EMAIL=your_email

Create the Docker registry secret:

$ kubectl -n kaniko create secret docker-registry docker-registry-credential \
  --docker-server=$DOCKER_SERVER \
  --docker-username=$DOCKER_USERNAME \
  --docker-password=$DOCKER_PASSWORD \
  --docker-email=$DOCKER_EMAIL

5. Create the Kaniko Pod Manifest

Save the following as kaniko-example-pod.yaml:

kaniko-example-pod.yaml

apiVersion: v1
kind: Pod
metadata:
  generateName: kaniko-example-
  namespace: kaniko
spec:
  containers:
    - name: kaniko
      #(1)
      image: gcr.io/kaniko-project/executor:latest
      #(2)
      args: ["--dockerfile=/workspace/dockerfile",
             "--context=dir://workspace",
             "--destination=credemol/kaniko-hello-world"] # replace with your dockerhub account
      volumeMounts:
        #(3)
        - name: kaniko-secret
          mountPath: /kaniko/.docker
        #(4)
        - name: dockerfile-storage
          mountPath: /workspace
  restartPolicy: Never
  volumes:
    #(5)
    - name: kaniko-secret
      secret:
        secretName: docker-registry-credential
        items:
          - key: .dockerconfigjson
            path: config.json
    #(6)
    - name: dockerfile-storage
      configMap:
        name: kaniko-helloworld-dockerfile

1	The Kaniko executor image. This image is used to build the Docker image.
2	The arguments passed to the Kaniko executor. The --dockerfile argument specifies the path to the Dockerfile, the --context argument specifies the build context, and the --destination argument specifies the destination for the built image.
3	The volume mount for the Docker registry credentials. This is where the Kaniko executor will look for the Docker registry credentials.
4	The volume mount for the Dockerfile. This is where the Kaniko executor will look for the Dockerfile.
5	The volume for the Docker registry credentials. This is where the Kaniko executor will look for the Docker registry credentials.
6	The volume for the Dockerfile. This is where the Kaniko executor will look for the Dockerfile.

Apply the manifest:

$ kubectl apply -f kaniko-example-pod.yaml

6. Monitor the Build Process

Check the logs to monitor the image build and push process:

$ kubectl -n kaniko logs -f <kaniko-pod-name>

7. Check Docker Image in Docker Hub

Your Docker image should now be available in Docker Hub. You can verify this by logging into your Docker Hub account and checking the repository.

Figure 1. Pushed Docker image to Docker Hub

8 Run the Image from Docker Hub

Once the image is pushed to Docker Hub, you can run it with:

#$ docker run --rm -it credemol/kaniko-hello-world

kubectl -n kaniko run -it --rm echo-hello-world --image=credemol/kaniko-hello-world --restart=Never

Example Output:

Hello Kaniko at Wed Apr 30 22:19:04 UTC 2025
pod "echo-hello-world" deleted

Conclusion

In this tutorial, you’ve learned how to:

Use Kaniko to build Docker images without a Docker daemon
Push images to Docker Hub from within a Kubernetes cluster
Deploy and run Kaniko as a Kubernetes Pod

References

https://github.com/GoogleContainerTools/kaniko/blob/main/docs/tutorial.md