Private registries #2194
Private registries #2194
Conversation
| `key_file` | The client key path that will be used to authenticate with the registry | ||
| `ca_file` | Defines the CA certificate path to be used to verify the registry's server cert file | ||
|
|
||
| The credentials consist of either username/password or authentication token: |
There was a problem hiding this comment.
I removed cred in my copy edit because I didn't see it in the code examples. Is that OK?
|
|
||
| Note that server nodes are schedulable by default. If you have not tainted the server nodes and will be running workloads on them, please ensure you also create the registires.yaml file on each server as well. | ||
|
|
||
| Configuration in Containerd can be used to connect to a private registry with a TLS connection and with registries that enable authentication as well. The following section will explain the `registries.yaml` file and give different examples of using private registry configuration in K3s. |
There was a problem hiding this comment.
Nitpick: contianerd should not be capitalized if you go off how they use it such as here https://github.com/containerd/containerd/blob/master/README.md
If we want to leave it capitalized I won't care too much but they don't do it.
If we decide to make it lower case other changes are needed in the document, not just here.
There was a problem hiding this comment.
Changed Containerd to containerd throughout, except when it appears at the beginning of a sentence.
| `key_file` | The client key path that will be used to authenticate with the registry | ||
| `ca_file` | Defines the CA certificate path to be used to verify the registry's server cert file | ||
|
|
||
| The credentials consist of either username/password or authentication token: |
| {{% tabs %}} | ||
| {{% tab "With Authentication" %}} | ||
| | ||
| With Auth Content here: |
There was a problem hiding this comment.
I don't like the "With Auth Content here:" why not completely remove these lines -- just show pure YAML for each of the tabs. (so also need to remove the other lines like this below)
There was a problem hiding this comment.
Removed "with auth content" from the tabs
|
|
||
| > In case of no TLS communication, you need to specify `http://` for the endpoints, otherwise it will default to https. | ||
|
|
||
| In order for Containerd to take an effect, you need to restart K3s on each node in order to leverage the private registry. |
There was a problem hiding this comment.
Nitpick:
Re word the last line to something like:
In order for the registry changes to take effect, you need to restart K3s on each node.
No description provided.