The .dockercfg $HOME/.docker/config.json file for Docker clients is a
Docker credentials file that stores your authentication information if you have
previously logged into a secured or insecure registry.
To pull a secured container image that is not from {product-title}'s internal registry, you must create a pull secret from your Docker credentials and add it to your service account.
-
If you already have a
.dockercfgfile for the secured registry, you can create a secret from that file by running:$ oc create secret generic <pull_secret_name> \ --from-file=.dockercfg=<path/to/.dockercfg> \ --type=kubernetes.io/dockercfg -
Or if you have a
$HOME/.docker/config.jsonfile:$ oc create secret generic <pull_secret_name> \ --from-file=.dockerconfigjson=<path/to/.docker/config.json> \ --type=kubernetes.io/dockerconfigjson -
If you do not already have a Docker credentials file for the secured registry, you can create a secret by running:
$ oc create secret docker-registry <pull_secret_name> \ --docker-server=<registry_server> \ --docker-username=<user_name> \ --docker-password=<password> \ --docker-email=<email> -
To use a secret for pulling images for Pods, you must add the secret to your service account. The name of the service account in this example should match the name of the service account the Pod uses.
defaultis the default service account:$ oc secrets link default <pull_secret_name> --for=pull
-
To use a secret for pushing and pulling build images, the secret must be mountable inside of a Pod. You can do this by running:
$ oc secrets link builder <pull_secret_name>