Define a custom CA certificate for a private Docker registry¶
This section instructs you on how to define a custom CA certificate for Docker registry connections on your management or managed cluster using the Container Cloud web UI or CLI.
Caution
A Docker registry that is being used by a cluster cannot be deleted.
Define a custom CA certificate for a Docker registry using CLI¶
Create a
ContainerRegistry
resource(s) with the required registry domain and CA certificate. For details, see API Reference: ContainerRegistry resource.In the
providerSpec
section of theCluster
object, set thecontainerRegistries
field with the names list of createdContainerRegistry
resource objects:kubectl patch cluster -n <clusterProjectName> <clusterName> --type merge -p '{"spec":{"providerSpec":{"value":{"containerRegistries":["<containerRegistryName>"]}}}}'
Define a custom CA certificate for a Docker registry using web UI¶
Available since 2.21.0 and 2.21.1 for MOSK 22.5
Log in to the Container Cloud web UI with the
m:kaas:namespace@operator
orm:kaas:namespace@writer
permissions.In the Container Registries tab, click Add Container Registry.
In the Add new Container Registry window, define the following parameters:
- Container Registry Name
Name of the Docker registry to select during cluster creation or post-deployment configuration.
- Domain
Host name and optional port of the registry. For example,
demohost:5000
.
- CA Certificate
SSL CA certificate of the registry to upload or insert in plain text.
Click Create.
You can add the created Docker registry configuration to a new or existing managed cluster as well as to an existing management cluster:
For a new managed cluster, in the Create new cluster wizard, select the required registry name from the drop-down menu of the Container Registry option. For details on a new cluster creation, see Create and operate managed clusters.
For an existing cluster of any type, in the More menu of the cluster, select the required registry name from the drop-down menu of the Configure cluster > General Settings > Container Registry option. For details on an existing managed cluster configuration, see Change a cluster configuration.