Define a custom CA certificate for a private Docker registry

Available since 2.18.0

Caution

For MOSK-based deployments, the feature support will become available in one of the following Container Cloud releases.

This section instructs you on how to define a custom CA certificate for Docker registry connections on your management, regional, or managed cluster.

  1. Create a ContainerRegistry resource(s) with the required registry domain and CA certificate. For details, see API Reference: ContainerRegistry resource.

  2. In the providerSpec section of the Cluster object, set the containerRegistries field with the names list of created ContainerRegistry resource objects:

    kubectl patch cluster -n <clusterProjectName> <clusterName> --type merge -p '{"spec":{"providerSpec":{"value":{"containerRegistries":["<containerRegistryName>"]}}}}'