Merge pull request #84761 from stevsmit/29359-ocpbugs-podman

stevsmit · web-flow · commit 4f1202d48b3e · 2024-11-13T13:12:37.000-05:00
Updates IR docs to include Podman references
diff --git a/modules/images-allow-pods-to-reference-images-from-secure-registries.adoc b/modules/images-allow-pods-to-reference-images-from-secure-registries.adoc
@@ -6,11 +6,19 @@
 [id="images-allow-pods-to-reference-images-from-secure-registries_{context}"]
 = Allowing pods to reference images from other secured registries
 
-The `.dockercfg` `$HOME/.docker/config.json` file for Docker clients is a Docker credentials file that stores your authentication information if you have previously logged into a secured or insecure registry.
+To pull a secured container from other private or secured registries, you must create a pull secret from your container client credentials, such as Docker or Podman, and add it to your service account. 
 
-To pull a secured container image that is not from {product-registry}, you must create a pull secret from your Docker credentials and add it to your service account.
+Both Docker and Podman use a configuration file to store authentication details to log in to secured or insecure registry:
 
-The Docker credentials file and the associated pull secret can contain multiple references to the same registry, each with its own set of credentials.
+* *Docker*: By default, Docker uses `$HOME/.docker/config.json`.
+* *Podman*: By default, Podman uses `$HOME/.config/containers/auth.json`.
+
+These files store your authentication information if you have previously logged in to a secured or insecure registry. 
+
+[NOTE]
+====
+Both Docker and Podman credential files and the associated pull secret can contain multiple references to the same registry if they have unique paths, for example, `quay.io` and `quay.io/<example_repository>`. However, neither Docker nor Podman support multiple entries for the exact same registry path. 
+====
 
 .Example `config.json` file
 [source,json]
@@ -51,22 +59,24 @@ type: Opaque
 
 .Procedure
 
-* If you already have a `.dockercfg` file for the secured registry, you can create a secret from that file by running:
+* Create a secret from an existing authentication file:
+
+** For Docker clients using `.docker/config.json`, enter the following command:
 +
 [source,terminal]
 ----
 $ oc create secret generic <pull_secret_name> \
-    --from-file=.dockercfg=<path/to/.dockercfg> \
-    --type=kubernetes.io/dockercfg
+    --from-file=.dockerconfigjson=<path/to/.docker/config.json> \
+    --type=kubernetes.io/dockerconfigjson
 ----
 
-* Or if you have a `$HOME/.docker/config.json` file:
+** For Podman clients using `.config/containers/auth.json`, enter the following command:
 +
 [source,terminal]
 ----
 $ oc create secret generic <pull_secret_name> \
-    --from-file=.dockerconfigjson=<path/to/.docker/config.json> \
-    --type=kubernetes.io/dockerconfigjson
+     --from-file=<path/to/.config/containers/auth.json> \
+     --type=kubernetes.io/podmanconfigjson
 ----
 
 * If you do not already have a Docker credentials file for the secured registry, you can create a secret by running:
@@ -85,4 +95,4 @@ $ oc create secret docker-registry <pull_secret_name> \
 [source,terminal]
 ----
 $ oc secrets link default <pull_secret_name> --for=pull
-----
+----
