diff --git a/src/cluster-configuration/deploy/secret.yaml.template b/src/cluster-configuration/deploy/secret.yaml.template
index caf7205ed..e61d7c59c 100644
--- a/src/cluster-configuration/deploy/secret.yaml.template
+++ b/src/cluster-configuration/deploy/secret.yaml.template
@@ -19,6 +19,7 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: {{ cluster_cfg['cluster']['docker-registry']['secret-name'] }}
+  namespace: %NAMESPACE%
 data:
   .dockerconfigjson: {{ cluster_cfg['cluster']['docker-registry']['base64code'] }}
 type: kubernetes.io/dockerconfigjson
\ No newline at end of file
diff --git a/src/cluster-configuration/deploy/start.sh.template b/src/cluster-configuration/deploy/start.sh.template
index fdac9ea13..692b7a129 100644
--- a/src/cluster-configuration/deploy/start.sh.template
+++ b/src/cluster-configuration/deploy/start.sh.template
@@ -25,7 +25,15 @@ pushd $(dirname "$0") > /dev/null
 # Create secret for job ssh keys
 /bin/bash secret-create.sh || exit $?
 
-kubectl apply --overwrite=true -f secret.yaml || exit $?
+cp secret.yaml secret-default.yaml
+sed  -i "s/%NAMESPACE%/default/g" secret-default.yaml
+kubectl apply --overwrite=true -f secret-default.yaml || exit $?
+rm -rf secret-default.yaml
+
+cp secret.yaml secret-system.yaml
+sed  -i "s/%NAMESPACE%/kube-system/g" secret-system.yaml
+kubectl apply --overwrite=true -f secret-system.yaml || exit $?
+rm -rf secret-system.yaml
 
 # Label all the machines
 {% for host in cluster_cfg['layout']['machine-list'] %}
diff --git a/src/hivedscheduler/deploy/hivedscheduler.yaml.template b/src/hivedscheduler/deploy/hivedscheduler.yaml.template
index 24c117eef..4557e0fe2 100644
--- a/src/hivedscheduler/deploy/hivedscheduler.yaml.template
+++ b/src/hivedscheduler/deploy/hivedscheduler.yaml.template
@@ -34,6 +34,8 @@ spec:
       nodeSelector:
         pai-master: "true"
       serviceAccountName: hivedscheduler-account
+      imagePullSecrets:
+      - name: {{ cluster_cfg["cluster"]["docker-registry"]["secret-name"] }}
       containers:
       - name: hivedscheduler
         image: {{ cluster_cfg["cluster"]["docker-registry"]["prefix"] }}hivedscheduler:{{ cluster_cfg["cluster"]["docker-registry"]["tag"] }}
@@ -75,6 +77,8 @@ spec:
       nodeSelector:
         pai-master: "true"
       serviceAccountName: hivedscheduler-account
+      imagePullSecrets:
+      - name: {{ cluster_cfg["cluster"]["docker-registry"]["secret-name"] }}
       containers:
       - name: defaultscheduler
         image: {{ cluster_cfg["cluster"]["docker-registry"]["prefix"] }}kube-scheduler:{{ cluster_cfg["cluster"]["docker-registry"]["tag"] }}
diff --git a/src/k8s-dashboard/deploy/k8s-dashboard.yaml.template b/src/k8s-dashboard/deploy/k8s-dashboard.yaml.template
index cde34330e..da432c42a 100644
--- a/src/k8s-dashboard/deploy/k8s-dashboard.yaml.template
+++ b/src/k8s-dashboard/deploy/k8s-dashboard.yaml.template
@@ -63,6 +63,8 @@ spec:
             port: {{ cluster_cfg['k8s-dashboard']['dashboard-port'] }}
           initialDelaySeconds: 30
           timeoutSeconds: 30
+      imagePullSecrets:
+      - name: {{ cluster_cfg["cluster"]["docker-registry"]["secret-name"] }}
       tolerations:
       - key: "CriticalAddonsOnly"
         operator: "Exists"