Free Apr 2025 Limits 10x Stricter for Unauth

Docker Hub Pull Rate Calculator

Find out if your CI/CD pipeline will hit Docker Hub rate limits. See when 429 errors will occur and the cheapest way to fix it.

Docker Hub Account Type

CI/CD Platform

Pipeline Configuration

Developers / CI machines 5 devs

1255075100

Builds per developer per day 5 builds/dev

1102030

Docker pulls per build 3 pulls/build

151015

FROM lines + explicit docker pull commands

CI active hours per day 8 hrs/day

1hr8hr16hr24hr

Multi-arch builds

Multi-architecture builds

Each pull counts 2x (amd64 + arm64)

Runs in your browser. No data stored.

Pulls Per Hour — Your Pipeline vs Limit

Safe

Your pipeline: 0/hr Limit: 100/hr 0%

Pulls / Hour

429 Risk

Low

Daily Pulls

Hourly Headroom

Within rate limits

Your pipeline will not hit Docker Hub rate limits.

Pull Breakdown

Pulls needed per hour 0

Hourly limit 100

Builds per hour

Arch multiplier

1x (single arch)

Pulls per build

Monthly pulls

Docker Hub Plans — What You Actually Get

Plan	Pulls/hr	Price	Users	Key Feature
Unauthenticated	10	$0	Per IP	None
Personal (Free)	100	$0	1 user	1 private repo
Pro	Unlimited	$9/mo	1 user	200 Build Cloud min
Team	Unlimited	$15/user/mo	Multi-user	RBAC + audit logs
Business	Unlimited	$24/user/mo	Enterprise	SSO/SAML + 1500 Build min

Pull limits (10/hr unauth, 100/hr free, unlimited paid) apply per IP or per authenticated user. Pro is ideal for solo developers. Team adds multi-user org management and RBAC. Business adds SSO, compliance features, and image access management.

Free Solutions — Avoid Rate Limits Without Paying

Authenticate in CI with docker login Free — 100/hr per user

Add docker login to your CI pipeline using a free Docker Hub account. Raises limit from 10/hr (shared IP) to 100/hr per authenticated user. Takes 2 minutes to set up.

# GitHub Actions - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_TOKEN }}

Mirror images to GitHub Container Registry Free for public repos

Copy your base images to GHCR (ghcr.io). Public images have no pull limits. Perfect for standard base images like node, python, ubuntu.

docker pull node:18-alpine docker tag node:18-alpine ghcr.io/yourorg/node:18-alpine docker push ghcr.io/yourorg/node:18-alpine # Then in Dockerfile: FROM ghcr.io/yourorg/node:18-alpine

Use AWS ECR Public Gallery Free — No limits

AWS ECR Public Gallery (public.ecr.aws) mirrors all major Docker Hub images with no pull limits. Just change your FROM line — no authentication needed.

# Instead of: FROM node:18-alpine FROM public.ecr.aws/docker/library/node:18-alpine

Configure Docker registry mirror Free

Set up a local registry mirror or use mirror.gcr.io on self-hosted runners so images are cached after first pull. Subsequent pulls skip Docker Hub entirely.

# /etc/docker/daemon.json { "registry-mirrors": ["https://mirror.gcr.io"] }

Cost to Upgrade — Is It Worth It?

Pro (1 user)

$9/mo

$108/yr

Unlimited pulls

Team (5 users)

$75/mo

$900/yr

RBAC + org mgmt

Business (5 users)

$120/mo

$1,440/yr

SSO + compliance

For most teams, authenticating with a free Docker Hub account and pulling 100/hr per user is sufficient. Only upgrade to Team/Business if you need org management, RBAC, SSO, or audit logs.

Share this tool

Help developers avoid unexpected Docker Hub 429 errors

Share on X Share on LinkedIn

Docker Hub Rate Limits — 2026 Reference

Official Docs

Pull Rate Limits (April 2025)

Unauthenticated

No docker login — shared IP

10 pulls/hour

per IP address

Personal (Free)

Logged-in free account

100 pulls/hour

per user

Pro / Team / Business

Any paid plan

Unlimited

fair use policy

Limits effective April 1, 2025 — 10x reduction for unauthenticated pulls from previous 100/6hr limit.

Plan Differences

Pro — $9/mo (annual)

Single user only

Unlimited private repos

200 Docker Build Cloud min/mo

2 Docker Scout repos (CVE scanning)

Team — $15/user/mo (annual)

Multiple users + org management

RBAC + audit logs

200 Build Cloud min/user/mo

Unlimited Docker Scout repos

Business — $24/user/mo

SSO/SAML + centralized user mgmt

Image access management

1,500 Build Cloud min/user/mo

SOC 2 Type 2 compliance

Frequently Asked Questions

The most common cause is unauthenticated pulls from shared CI runner IPs. GitHub Actions, GitLab CI SaaS, and CircleCI cloud runners share IP addresses with thousands of other users. The 10 pulls per hour unauthenticated limit applies to the entire IP — not just your team. So even if you only run a few builds, other users on the same IP are consuming the limit. The fix is to add docker login to your CI pipeline using a free Docker Hub account, which raises your personal limit to 100 pulls per hour per user.

On April 1, 2025, Docker Hub reduced unauthenticated pull limits from 100 pulls per 6 hours per IP to 10 pulls per hour per IP — a 10x reduction in effective rate. Authenticated free accounts dropped from 200 pulls per 6 hours to 100 pulls per hour — which works out to roughly the same effective throughput. Paid plans (Pro, Team, Business) remain unlimited under fair use policy.

Yes. When you pull a multi-architecture image, Docker fetches the manifest list and then pulls the specific architecture layer. However Docker also caches the manifest lookup. In practice, building for both amd64 and arm64 in the same pipeline effectively counts each architecture as a separate pull against your limit. If your CI builds multi-arch images using docker buildx, you should account for 2x pulls per FROM statement.

Try the free alternatives first — they solve the rate limit problem at no cost. Adding docker login to your CI (free account, 100/hr per user) solves most small team issues. Using AWS ECR Public Gallery (public.ecr.aws) mirrors popular images with no limits and requires zero authentication. Only upgrade to Pro ($9/mo) or Team ($15/user/mo) if you specifically need the Docker Hub ecosystem features like Docker Scout vulnerability scanning, Build Cloud minutes, or org management — not just for rate limits alone.

Both Pro and Team offer unlimited pulls. Pro ($9/month) is designed for a single developer — one user account, unlimited private repositories, 200 Docker Build Cloud minutes, and 2 Docker Scout repos for vulnerability scanning. Team ($15/user/month) adds multi-user organization management, role-based access control so you can control who can push to which repos, audit logs, and unlimited Docker Scout repos. Team has a minimum of 25 seats for new customers as of 2025. If you are a solo developer, Pro is sufficient. If you have a team that needs shared access and permission control, Team is necessary.

More Developer Cost Calculators

GitHub Actions

CI/CD cost calculator

Rate limit calculator