Azure Container Registry
This tutorial will guide you on how to use your private Azure Container Registry (ACR) with Okteto. It's recommended that you have the Azure CLI installed to follow this tutorial.
The steps to configure your private ACR with Okteto are:
- Create a user with access to your private ACR
- Retrieve the user credentials
- Configure the credentials in Okteto
Step 1: Create a user with access to your private ACR
First you need to create a Service Principal
with role based access control
.
To do so, you will need the following information:
scopes
: the ID of your Azure Container Registryrole
:PULL
to have read access to your pirvate ACR
You can list your current container registries with:
az acr list
Pick the name of your ACR and export it to an environment variable:
export ACR_NAME=<<your-acr-name>>
Get the ID of your ACR with the Azure CLI by executing:
ACR_REGISTRY_ID=$(az acr show --name $ACR_NAME --query "id" --output tsv)
Create the ServicePrincipal with PULL access with the AzureCLI by executing:
az ad sp create-for-rbac --name $SERVICE_PRINCIPAL_NAME --scopes $ACR_REGISTRY_ID --role acrpull
Step 2: Retrieve the user credentials
Get the APP ID
by executing the following command:
APP_ID=$(az ad sp list --display-name $SERVICE_PRINCIPAL_NAME --query "[].appId" --output tsv)
Create a PASSWORD
for that APP ID
:
az ad sp credential reset --id $APP_ID
{
"appId": "<<your-app-id>>",
"password": "<<your-password>>",
"tenant": "98e0e81b-dd65-4132-9d6c-ed2ac3e14e28"
}
Remember the value of appId
and password
. You will need them in the next step.
Step 3: Configure the credentials in Okteto
Add the following registry credentials to the Admin Registry Credentials view:
- Type:
Static
- Hostname: your Azure Container Registry name (
ACR_NAME
) - Username:
appId
from the previous step - Password:
password
from the previous step