Using Image Pull Secrets

If you are using the OKD internal registry and are pulling from image streams located in the same project, then your pod service account should already have the correct permissions and no additional action should be required.

However, for other scenarios, such as referencing images across OKD projects or from secured registries, then additional configuration steps are required.

You can obtain the image pull secret, pullSecret, from the Pull Secret page on the Red Hat OpenShift Cluster Manager site.

You use this pull secret to authenticate with the services that are provided by the included authorities, including Quay.io and registry.redhat.io, which serve the container images for OKD components. Below the example of config.json file:

{
   "auths":{
      "cloud.openshift.com":{
         "auth":"b3Blb=",
         "email":"you@example.com"
      },
      "quay.io":{
         "auth":"b3Blb=",
         "email":"you@example.com"
      }
   }
}
Daftar Materi