# Create a private registry for containers with Ansible

Ref: <https://www.redhat.com/sysadmin/simple-container-registry>

## Run the playbook

```bash
ansible-playbook container_registry.yaml
```

## Setup

Make sure the local CA (domain.crt) is accepted on all the machines that will commit the images AND on all the target systems (the machines where the images will be deployed).

Manually, for Debian:

```bash
HOST=k3s
REGISTRY=tiptop:5000
ssh root@$HOST mkdir -p /etc/containers/certs.d/$REGISTRY
scp certs/domain.crt root@$HOST:/etc/containers/certs.d/$REGISTRY/
```

### Kubernetes

Add the credential to the kubernetes cluster:

```bash
kubectl create secret docker-registry regcred --docker-server=tiptop:5000 --docker-username=admin --docker-password=admin -n default
```

## Use

To push to the registry:

```bash
podman push <image name> docker://<host name>:5000/<image name>
```

To use it in Kubernetes, see <https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/>