The Kubernetes Service and Docker Private Registries

January 26, 2019 1.7k views
Kubernetes Docker

In the DigitalOcean Kubernetes service, is there any way to use container images from private Docker registries? For instance, using images from AWS Elastic Container Registry (ECR). There’s Kubernetes documentation about this general topic, but I was not able to identify a method which could work in the context of DigitalOcean Kubernetes. Any help would be much appreciated.

3 Answers

Has anyone had any success configuring Amazon ECR as a private registry?

Look at Helm charts (package management for Kubernetes solution sets).

An example of setting up a registry on K8s can be seen here in step 3: https://www.katacoda.com/javajon/courses/kubernetes-serverless/openfaas

A UI can be added to this using the above headless registry: https://medium.com/quiq-blog/docker-registry-ui-874c890d2c9b

You can also utilize registry vendors and their community editions that offer container registries as a plugin (container registries are just one type of registry) to their wide array of registry solutions.

https://github.com/helm/charts/tree/master/stable/sonatype-nexus
https://github.com/helm/charts/tree/master/stable/artifactory

Later, you may also want to use these solutions for hosting Helm charts, jars, npm dependencies, etc.

Also:

http://port.us.org/

A large HA enterprise option is Quay that can run privately on K8s. Has very nice account and staging features and also support Helm chart repositories.

Add a security scanner to the registry with Clair.

Have another answer? Share your knowledge.