Grant Rok Registry Access to Private Docker Registry¶
In this section we will guide you through granting Rok Registry access to Arrikto’s GCP Container Registry.
dockerconfig.json file contains a token with pull
access to the
arrikto-deploy GCP Container Registry. In order to pull
container images for Rok Registry and its components, you need to copy this
file in certain locations under the kustomization tree of the GitOps repository.
Choose one of the following options in order to grant Rok Registry access
- Option 1: If you want to grant Rok Registry access to
arrikto-deployin an automated manner with the Rok-deploy CLI, follow Option 1: Grant Rok Registry Access to Private Docker Registry Automatically (preferred).
- Option 2: If you want to grant Rok Registry access to
arikto-deploymanually, follow Option 2: Grant Rok Registry Access to Private Docker Registry Manually.
Follow Option 2 and proceed with the manual installation.
In this section you will grant Rok Registry access to Arrikto’s GCP private
container registry in an automated manner, using the
In this section you will grant Rok Registry access to Arrikto’s GCP private container registry manually.
Go to your GitOps repository, inside your
root@rok-tools:~# cd ~/ops/deployments
/root/dockerconfig.jsonto the following locations:
root@rok-tools:~/ops/deployments# cp /root/dockerconfig.json rok/rok-registry-cluster/overlays/deploy/secrets/dockerconfig.json root@rok-tools:~/ops/deployments# cp /root/dockerconfig.json rok/rok-operator/overlays/registry/deploy/secrets/dockerconfig.json
Stage changes for commit:
root@rok-tools:~/ops/deployments# git add \ > rok/rok-registry-cluster/overlays/deploy/secrets/dockerconfig.json \ > rok/rok-operator/overlays/registry/deploy/secrets/dockerconfig.json
Commit your changes:
root@rok-tools:~/ops/deployments# git commit -am "Add credentials for Arrikto's private registry"
Kustomize will read these files, auto-generate Secrets, and pass them to
individual Rok Registry components, so that they can pull from the
arrikto-deploy container registry on your behalf.
Since you will end up using the mirrored images instead of the Arrikto-provided ones, follow the Set Up Cluster-Wide Authenticated Access to a Docker Registry guide to allow for pulling images from your internal registry. The ImagePullSecrets that you configured above will remain unused.
You have successfully granted Rok Registry access to Arrikto’s private GCP Container Registry.