使用cert-manager在kubernetes中的Docker注册表
[英]Docker registry in kubernetes with cert-manager
问题描述
I'm using cert-manager for SSL management with configuration on ingress level. 
我将cert-manager用于SSL管理,并在入口级别进行配置。 For example this config for <myhost>.com (skipping metadata and other not-related config parts): 例如, <myhost>.com此配置(跳过metadata和其他不相关的配置部分):
kind: Certificate
spec:
secretName: myhost-tls
issuerRef:
name: letsencrypt-dns
kind: ClusterIssuer
---
kind: Ingress
...
spec:
tls:
- hosts:
- myhost.com
secretName: myhost-tls
...
Now I'm trying to move my docker registry into kubernetes cluster, but it requires certificate file to configure registry deployment. 现在,我正在尝试将Docker注册表移至kubernetes集群,但是它需要证书文件来配置注册表部署。
Is it possible to use docker registry without SSL (because encryption can be done on ingress level) or use cert-manager to get certificate from docker registry? 是否可以使用不带SSL的Docker注册表(因为可以在入口级别进行加密)或使用cert-manager从Docker注册表获取证书?
1 个解决方案
解决方案1
0 2018-08-14 14:07:53
You can allow the insecure registry in the following way on each node in the cluster: 您可以通过以下方式在群集中的每个节点上允许不安全的注册表:
docker daemon --insecure-registry=255.255.255.255:5000
You can also edit /etc/default/docker and include the following line which will do the above for you: 您还可以编辑/ etc / default / docker并包括以下行,这将为您完成上述操作:
DOCKER_OPTS="--insecure-registry=5.179.232.65:5000"
The DOCKER_OPTS variable will automatically include that option for the Docker daemon. DOCKER_OPTS变量将自动为Docker守护程序包含该选项。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.