Docker Pulls
Blacksmith automatically caches public docker images to speed up your workflows
Blacksmith by default enables a local Docker registry mirrors across our fleet, which act as “pull through” caches for public Docker images. All Docker pulls on Blacksmith runners are routed through these mirrors, and they only need to hit Docker Hub once, to hydrate the cache. This pull hydrates that particular image into the registry mirror so that subsequent pulls, across organizations, are served through a node-local registry backed by our colocated cache store. This means common image pulls are substantially faster.
Preventing rate limit errors
The other main benefit is that CI jobs across an organization will now not be pulling as frequently from the Docker Hub and will therefore not run into Docker Hub’s rate limits. Prior to the pull through caches, our customers would occasionally run into rate limit errors such as:
This became even more common occurence after Docker Hub’s new rate limits were introduced on April 1st, 2025
In case you continue to run into rate limit errors, please contact us at [email protected]. As a temporary workaround, authenticating with Docker Hub will allow your workflows to pull images with a much higher rate limit.
Authenticating with Docker Hub
Authenticating with Docker Hub
To authenticate with Docker Hub, you can use the docker login
command with your Docker Hub username and password. Here’s an example of how to authenticate with Docker Hub:
Authenticating service containers with Docker Hub credentials
If you’re using service containers in your workflows, you can authenticate with Docker Hub using the credentials
option.