Grant Rok Access to Private Docker Registry

In this section we will guide you through granting Rok access to Arrikto’s GCP Container Registry.

The Arrikto provided dockerconfig.json file contains a token with pull access to the arrikto-deploy GCP Container Registry. In order to pull container images for Rok and its components, you need to copy this file in certain locations under the kustomization tree of the GitOps repository.

Choose one of the following options to give Rok access to arrikto-deploy:

Option 1: Grant Rok Access to Private Docker Registry Automatically (preferred)

In this section you will grant Rok access to Arrikto’s GCP private container in an automated manner, using the rok-deploy CLI.

Procedure

Choose one of the following options, based on your cloud provider.

Follow the on-screen instructions to grant Rok access to arrikto-deploy GCP private container registry.

You may now proceed to the Summary section.

Rok does not currently support automatically gaining access to Arrikto’s private Docker registry. Please follow the instructions in Option 2: Grant Rok Access to Private Docker Registry Manually to grant Rok access to the private Docker Registry.
Rok does not currently support automatically gaining access to Arrikto’s private Docker registry. Please follow the instructions in Option 2: Grant Rok Access to Private Docker Registry Manually to grant Rok access to the private Docker Registry.

Option 2: Grant Rok Access to Private Docker Registry Manually

If you want to grant Rok access to Arrikto’s GCP private container manually, follow this section.

Procedure

  1. Go inside your clone of the GitOps repo:

    root@rok-tools:~# cd ~/ops/deployments
    
  2. Copy the dockerconfig.json from /root/dockerconfig.json to the following locations with:

    root@rok-tools:~/ops/deployments# cp /root/dockerconfig.json rok/rok-cluster/overlays/deploy/secrets/dockerconfig.json
    root@rok-tools:~/ops/deployments# cp /root/dockerconfig.json rok/rok-operator/overlays/deploy/secrets/dockerconfig.json
    root@rok-tools:~/ops/deployments# cp /root/dockerconfig.json rok/rok-disk-manager/overlays/deploy/secrets/dockerconfig.json
    root@rok-tools:~/ops/deployments# cp /root/dockerconfig.json rok/rok-kmod/overlays/deploy/secrets/dockerconfig.json
    
  3. Stage changes for commit:

    root@rok-tools:~/ops/deployments# git add \
    >     rok/rok-cluster/overlays/deploy/secrets/dockerconfig.json \
    >     rok/rok-operator/overlays/deploy/secrets/dockerconfig.json \
    >     rok/rok-disk-manager/overlays/deploy/secrets/dockerconfig.json \
    >     rok/rok-kmod/overlays/deploy/secrets/dockerconfig.json
    
  4. Commit your changes:

    root@rok-tools:~/ops/deployments# git commit -am "Add credentials for Arrikto's private registry"
    

Note

Kustomize will read these files, auto-generate Secrets, and pass them to individual Rok components, so that they can pull from the arrikto-deploy container registry on your behalf.

Summary

You have successfully granted Rok access to Arrikto’s private GCP Container Registry.

What’s Next

The next step is to configure set up users for Rok.