29 lines
943 B
Markdown
29 lines
943 B
Markdown
# Create a private registry for containers with Ansible
|
|
|
|
Ref: <https://www.redhat.com/sysadmin/simple-container-registry>
|
|
|
|
Just run: ansible-playbook container_registry.yaml
|
|
|
|
~~~
|
|
|
|
Make sure the local CA (domain.crt) is accepted on all the machines that will commit the images AND on all the target systems (the machines where the images will be deployed).
|
|
|
|
Manually, for Debian:
|
|
HOST=k3s
|
|
REGISTRY=tiptop:5000
|
|
ssh root@$HOST mkdir -p /etc/containers/certs.d/$REGISTRY
|
|
scp certs/domain.crt root@$HOST:/etc/containers/certs.d/$REGISTRY/
|
|
|
|
~~~
|
|
|
|
Next, add the credential to the kubernetes cluster:
|
|
kubectl create secret docker-registry regcred --docker-server=tiptop:5000 --docker-username=admin --docker-password=admin -n default
|
|
|
|
~~~
|
|
|
|
To push to the registry:
|
|
podman push <image name> docker://<host name>:5000/<image name>
|
|
|
|
~~~
|
|
|
|
To use it in Kubernetes, see <https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/>
|