This configuration is only available for Polyaxon deployed on Kubernetes clusters.

Polyaxon allows to pull and push images from private Container Registries.

By default Polyaxon ships with a Docker Registry which is included in the system namespace. Since this docker registry is running inside your kubernetes cluster and is used internally inside your cluster.

Using a different Docker Registry

If you are using the public cloud you may wish to take advantage of your cloud providers docker registry; or reuse your own existing docker registry.

Disable the build Docker Registry

In your deployment config yaml file:

  enabled: false

Create a secret containing your auth credentials

You need to create a secret containing docker credentials config, e.g.

    "auths": {
        "localhost:5001": {
            "auth": "YW11cmRhY2E6c3VwZXJzZWNyZXRwYXNzd29yZA==",
            "email": "[email protected]"
    "credsStore": "secretservice"

Please see how you can integrate Polyaxon with different cloud providers docker registries.

Add the access information to your registry catalog

After creating the secret with a docker credentials config authorizing access to one or many Docker registries, you need to add a new access to your Polyaxon's registries catalog:


And you need to set the access as default one.

Pulling private images

If you want to keep using the built-in Docker Registry and authorize the Native Builder or Kaniko to pull private images, you can follow the same steps as before to provide authentication to all registries the docker process should have access to, and leave the host empty to use the internal docker process, if the host is not provided and the build-in Docker Registry is disabled the builds will fail.


If you decided to deploy a Registry in-cluster make sure to set proper node scheduling to avoid running high load runs on the same node hosting the Docker Registry.