VK Cloud logo
Updated atOctober 31, 2023   06:09 AM

Connecting to Docker Registry

You can connect to the Docker registry if the appropriate addon is installed in the cluster.

When installing an addon, a standard load balancer with a floating IP address is created for it. Therefore, you can connect to the Docker registry from any host that has Internet access.

Preparatory steps

  1. Make sure that the Docker registry addon (docker-registry) is installed in the cluster.
  2. Make sure that you can connect to the cluster using kubectl.
  3. Get the data to access the Docker registry.

Connecting to the Docker Registry

On the host from which you plan to connect to the registry:

  1. Install Docker Engine if not already installed. There is a choice of either Docker Desktop or a server-side version of Docker Engine without a GUI.

    Docker Engine must be installed on the host from which the registry will be used. Perform the next steps on that host.

  2. Add the Docker registry to the list of trusted registries:

    1. Add the insecure-registries parameter with the address of the Docker registry endpoint to the Docker daemon.json configuration file.

      The address is specified in the format <URL of Docker registry>:<Docker Registry port>.

      1{
      2  ...
      3
      4  { "insecure-registries": [
      5    "https://192.0.2.2:5000"
      6  ],
      7
      8  ...
      9}

      The location of this file for different Docker Engine installations is given in official Docker documentation.

    2. Restart the Docker Engine.

      • For the server version of the Docker Engine, run one of the commands to restart:

        sudo systemd restart docker
        sudo service docker restart
      • For Docker Desktop, use GUI.

  3. Log in into the registry:

    docker login <URL of Docker registry> --username <login for Docker registry>

    Enter the password for the Docker registry.

Now you can do any operations with the registry, for example, to push Docker images there.

Read more about registry operations in official Docker documentation.

Using Docker registry in Kubernetes cluster

In order to deploy workloads in a cluster using images from the Docker registry:

  1. Create the k8s-registry-creds secret which contains the data to access the registry:

    If the --namespace parameter is not provided, then the secret will be created in the default namespace (default).

    1kubectl create secret docker-registry k8s-registry-creds \ 
    2  --docker-server=<registry IP address>:5000 \
    3  --docker-username=<login> \
    4  --docker-password=<password> \
    5  --namespace=<namespace>
  2. Specify in the workload manifest:

    • Name of the created secret in the ìmagePullSecrets parameter.

    • Path to the image from the registry in the containers.image parameter.

      The path should be specified in the <registry IP address>:5000/<image directory>/<image name>:<tag> format.

    Examples of manifests:

    1apiVersion: v1
    2kind: Pod
    3metadata:
    4  name: my-app
    5spec:
    6  imagePullSecrets:
    7  - name: k8s-registry-creds
    8  containers:
    9  - name: my-app
    10    image: <registry IP address>:5000/<image directory>/<image name>:<tag>