In private cloud or air-gapped environment, we usually set up our own image registry. This tutorial walks you through how to configure an image registry for KubeSphere to use. For simplicity, we will configure a registry with HTTP protocol, i.e., insecure registry. It is only for testing or development. For production environment, we recommended you to use image registry with HTTPS protocol.
We take Harbor image registry as an example.
/etc/systemd/system/docker.service.d/docker-options.conf
. Note: This example is only for Docker configuration in systemd. You can refer to Docker Documentation - Test an insecure registry for more information.
Please remember replace the address with your own insecure registry, e.g., Harbor address for the configuration below:
[Service]
Environment="DOCKER_OPTS= --insecure-registry=http://192.168.0.21:80 --data-root=/var/lib/docker --log-opt max-size=10m --log-opt max-file=3 "
systemctl daemon-reload
systemctl restart docker
$ docker info
···
Insecure Registries:
192.168.0.31:80
···
$ docker login -u admin -p Harbor12345 http://192.168.0.31:80
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
nginx:1.14-alpine
in local. Tag this image as follows:docker tag nginx:1.14-alpine 192.168.0.31:80/library/nginx:1.14-alpine
docker push 192.168.0.31:80/library/nginx:1.14-alpine