Home GitHub

IMPORTANT NOTE: This site is not official Red Hat documentation and is provided for informational purposes only. These guides may be experimental, proof of concept, or early adoption. Officially supported documentation is available at docs.openshift.com and access.redhat.com.

Accessing the Internal Registry from ARO

Kevin Collins


One of the advantages of using OpenShift is the internal registry that comes with OpenShfit to build, deploy and manage container images locally. By default, access to the registry is limited to the cluster ( by design ) but can be extended to usage outside of the cluster. This guide will go through the steps required to access the OpenShift Registry on an ARO cluster outside of the cluster.


Expose the Registry

  1. Expose the registry service
    oc create route reencrypt --service=image-registry -n openshift-image-registry 
  2. Annotate the route
    oc annotate route image-registry haproxy.router.openshift.io/balance=source -n openshift-image-registry
  3. Get the route host name
    HOST=$(oc get route image-registry -n openshift-image-registry --template='')
  4. Log into the image registry
    podman docker login -u $(oc whoami) -p $(oc whoami -t) $HOST

    Test it out

    podman pull openshift/hello-openshift
    podman images 

    expected output

     openshift/hello-openshift                                   latest    7af3297a3fb4   4 years ago    6.09MB