Oracle Cloud Platform Data Integration 2020 Specialist — Question 17

A service you are deploying to Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) uses a docker image from a private repository in OCI
Registry (OCIR).
Which configuration is necessary to provide access to this repository from OKE? (Choose the best answer.)

Answer options

• A. Add a generic secret on the cluster containing your identity credentials. Then specify a registryCredentials property in the deployment manifest.
• B. Create a docker-registry secret for OCIR with API key credentials on the cluster, and specify the imagePullSecret property in the application deployment manifest.
• C. Create a docker-registry secret for OCIR with identity Auth Token on the cluster, and specify the imagePullSecret property in the application deployment manifest.
• D. Create a dynamic group for nodes in the cluster, and a policy that allows the dynamic group to read repositories in the same compartment.

Correct answer: C

Explanation

The correct answer is C because creating a docker-registry secret with an identity Auth Token ensures that OKE can authenticate and pull images from the private OCIR repository. Option A is incorrect because it does not specify the correct type of secret needed for image pulling. Option B is wrong as it uses API key credentials instead of the required identity Auth Token. Option D is not relevant to the specific secret configuration needed to access the private repository.