How to automate a docker run from a private Dockerhub repo?

Question

I have a EC2 server running Docker and I'd like to add the following to the User Data so my private Dockerhub images will be pulled/run when the server starts up, like so:

#!/bin/bash
sudo docker run -p 3333:3333 -d --name Hello myusername/hello

But I'm unsure as to how to go about authenticating in order to gain access to the private repo myusername/hello.

With Github you create and upload a deploy key, does Dockerhub offer a similar deploy key option?

Answer 1

UPDATE: Figured out an even better way that doesn't involve baking your creds into an image at all. See the following question for information that would be applicable to solving this problem as well: Is it secure to store EC2 User-Data shell scripts in a private S3 bucket?

This helps keep your secrets in the least number of places necessary at any given time.

Figured out a better way:

1. Launch a machine using your desired OS
2. Install Docker
3. run sudo docker login on that machine
4. Upon successful authentication Docker will place a .dockercfg file in your home directory (e.g. /home/yourusername/.dockercfg). Docker will use this file for all authentication from now on.
5. Create an image of your machine to be used when launching all new instances. This image will now have the .dockercfg file baked-in.
6. Add the following to the User Data of your machine image:

#!/bin/bash
sudo docker run -p 3333:3333 -d --name Hello yourusername/hello

Now when you launch an instance based on your machine image your sudo docker run commands will succeed in pulling private repos provided the user you run the docker command under has a .dockercfg file in their home directory.

Hope that helps anyone looking to figure this out.