How To Push/Pull Docker Images Into Oracle OKE Registry

Requirement:

   We have built some customized docker images for our apps. We need to upload it to OKE registry and being used by  OKE engineer later. Please refer official oracle doc

Solution:

• Make sure you have correct privileges to push images to OCI registry. You need your tenancy admin to update the policies to allow you to do that
• Generate Auth Token from OCI  user settings. see details in official oracle doc
• On the host where your docker images are, use docker to login

docker login phx.ocir.io   (we use phoenix region)
If users are federated with another directory services

Username:  <tenancy-namespace>/<federation name>/test.test@oracle.com
i.e.   mytenancy-namespace/corp_login_federate/test.test@oracle.com
If no federation, remove <federation name>

Password:  <The Auth token you generated before>

Login succeed.

• Tag the images you would like to upload

docker tag hello-world:latest

<region-code>.ocir.io/<tenancy-namespace>/<repo-name>/<image-name>:<tag>

docker tag hello-world:latest phx.ocir.io/peo/engops/hello-world:latest

• Remember to add "repo-name"
• Push the image to registry

docker push  phx.ocir.io/peo-namespace/engops/hello-world:latest

• Pull the image

 docker pull phx.ocir.io/peo-namespace/engops/hello-world

• To use it in K8S yaml file, we need to add secret for docker login. Refer k8s doc and oci doc for details

kubectl create secret docker-registry iad-ocir-secret --docker-server=iad.ocir.io --docker-username='<tenancy-namespace>/<federation name>/test.test@oracle.com' --docker-password='******' --docker-email='test@test.com'

 part of sample yaml is like

spec:
      containers:
      - name: helloworld
    # enter the path to your image, be sure to include the correct region prefix 
        image: <region-code>.ocir.io/<tenancy-namespace>/<repo-name>/<image-name>:<tag>
        ports:
        - containerPort: 80
      imagePullSecrets:
    # enter the name of the secret you created
      - name: <secret-name>