I've tried https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ and the base 64 encoded solution in a yaml file (which is ultimately what I need to do) doesn't authenticate. (apparently this is a common problem and if anyone's got a yaml file that has it working I'd love to see it or a method that allows secure deployment from a private repo, just so we don't get stuck in the x-y problem)

So I tried the following:

kubectl create secret generic registrykey --from-file=.dockerconfigjson=/home/dbosh/.docker/config.json --type=kubernetes.io/dockerconfigjson

with the deployment file:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my_deployment
spec:
  selector:
    matchLabels:
      app: my_deployment
      tier: backend
      track: stable
  replicas: 7
  template:
    metadata:
      labels:
        app: my_deployment
        tier: backend
        track: stable
    spec:
      containers:
        - name: my_deployment
          image: "my_private_repo:image_name"
          ports:
            - name: http
              containerPort: 8082
      imagePullSecrets:
      - name: registrykey

However whenever I try to deploy, I keep getting that the "pull access denied for my_private_repo, repository does not exist or may require 'docker login".

Now to create the docker login file, I have indeed logged in and tested again with logging in immediately before regenerating the secret and then redeploying and it still doesn't authenticate.

Any help appreciated please.

UPDATE (thanks to a useful comment):

It would appear that my config.json after logging in looks likethis:

cat .docker/config.json 
{
        "auths": {
                "https://index.docker.io/v1/": {}
        },
        "HttpHeaders": {
                "User-Agent": "Docker-Client/18.09.2 (linux)"
        },
        "credsStore": "secretservice"

This would appear to not contain a token. I generated this from running docker login and providing my credentials. Any ideas anyone?