You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/openshift/howto-use-acr-with-aro.md
+10-3Lines changed: 10 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,12 +5,12 @@ author: johnmarco
5
5
ms.author: johnmarc
6
6
ms.service: azure-redhat-openshift
7
7
ms.topic: conceptual
8
-
ms.date: 01/10/2021
8
+
ms.date: 03/09/2023
9
9
---
10
10
11
11
# Use Azure Container Registry with Azure Red Hat OpenShift (ARO)
12
12
13
-
Azure Container Registry (ACR) is a managed container registry service that you can use to store private Docker container images with enterprise capabilities such as geo-replication. To access the ACR from an ARO cluster, the cluster can authenticate with ACR by storing Docker login credentials in a Kubernetes secret. Likewise, an ARO cluster can use an imagePullSecret in the pod spec to authenticate against the registry when pulling the image. In this article, you'll learn how to set up an Azure Container Registry with an Azure Red Hat OpenShift cluster to store and pull private Docker container images.
13
+
Azure Container Registry (ACR) is a managed container registry service that you can use to store private Docker container images with enterprise capabilities such as geo-replication. To access the ACR from an ARO cluster, the cluster can authenticate with ACR by storing Docker login credentials in a Kubernetes secret. Likewise, an ARO cluster can use an imagePullSecret in the pod spec to authenticate against the registry when pulling the image. In this article, you'll learn how to set up an Azure Container Registry with an Azure Red Hat OpenShift cluster to store and pull private Docker container images.
14
14
15
15
## Prerequisites
16
16
@@ -32,7 +32,6 @@ Instead, you can use the Azure CLI to get these credentials:
32
32
```azurecli
33
33
az acr credential show -n <your registry name>
34
34
```
35
-
36
35
## Create the Kubernetes secret
37
36
38
37
Now, we'll use these credentials to create a Kubernetes secret. Execute the following command with your ACR credentials:
>This secret will be stored in the current OpenShift Project (Kubernetes Namespace) and will only be referenceable by pods created in that Project. See this [document](https://docs.openshift.com/container-platform/4.4/openshift_images/managing_images/using-image-pull-secrets.html) for further instructions on creating a cluster wide pull secret.
51
50
51
+
## Link the secret to the service account
52
+
53
+
Next, link the secret to the service account that will be used by the pod, so the pod can reach the container registry. The name of the service account should match the name of the service account used by the pod. `default` is the default service account:
54
+
55
+
```
56
+
oc secrets link default <pull_secret_name> --for=pull
57
+
```
58
+
52
59
## Create a pod using a private registry image
53
60
54
61
Now that we've connected your ARO cluster to your ACR, let's pull an image from your ACR to create a pod.
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments