Private docker registry
Hi there,
I just got access to the new kubernetes cluster feature. I was wondering about how to access a private docker registry?
Thanks,
M
Log In to Comment
4 Answers
I've done this with Gitlab as my Docker registry.
Create a secret of type docker-registry:
kubectl create secret docker-registry gitlab-registry --docker-email="EMAIL" --docker-username="USERNAME" --docker-server="https://registry.gitlab.com/" --docker-password="PASSWORD"
My deployment spec:
spec:
replicas: 1
selector:
matchLabels:
app: deploymentName
template:
metadata:
labels:
app: deploymentName
spec:
containers:
- name: deploymentName
image: registry.gitlab.com/group/repo:0.9.0
ports:
- containerPort: 8080
imagePullSecrets:
- name: gitlab-registry
Hope that helps!
-
For security reasons I'd advise against manually passing the password when creating a secret as that will be forever stored in the shell history.
Another option would be to first login into docker using the command below. That will create a config file with the credentials and then print out it's location.
docker loginYou can then create a secret (ex.
regcred) from the config file instead.kubectl create secret generic regcred \ --from-file=.dockerconfigjson=<path/to/.docker/config.json> \ --type=kubernetes.io/dockerconfigjsonAfterwards you can configure the image pull secrets on the pod:
... spec: imagePullSecrets: - name: regcred ...
The announcement blog did write:
We understand having your data close to your cluster is essential, so you’ll have the option to deploy a private container registry to your cluster with no configuration, and store the images on DigitalOcean Spaces.
So I understand that's not really possible? I can't find a setting anywhere.
Same for the "ingress controller", where is it?
I haven't yet tried to use a private registry from within DO K8s, but have you followed the usual procedure as specified here? https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
Have another answer? Share your knowledge.