hi all
do you know if it is possible to configure system-docker to access private registry? I want to have this because I would like to run a system service using a image from my private registry.
Thanks a lot!
I do this all the time, when i deploy my image, i just use an image name like this
Maybe I was not clear enough. I mean a private registry with self-signed certificate or insecure mode. When I do so, it fails to pull down the image from my registry since it is not trustable.
I was searching how to do this as well (which is how I stumbled on this forum topic). I also found:
https://github.com/rancher/os/issues/97
but that post is quite old (by Rancher OS standards at least) and it looks like the names of things have changed a bit. However, after reading it, I’m guessing that system-docker can be configured similarly to the user-docker.
So if I look at my “user” Docker config I see:
[rancher@ranchy ~]$ sudo ros config get rancher.docker
tls_args:
- –tlsverify
- –tlscacert=/etc/docker/tls/ca.pem
- –tlscert=/etc/docker/tls/server-cert.pem
- –tlskey=/etc/docker/tls/server-key.pem
- -H=0.0.0.0:2376
args: - daemon
- –log-opt
- max-size=25m
- –log-opt
- max-file=2
- -s
- overlay
- -G
- docker
- -H
- unix:///var/run/docker.sock
And for my “system” Docker I see:
[rancher@ranchy ~]$ sudo ros config get rancher.system_docker
args:
- daemon
- –log-opt
- max-size=25m
- –log-opt
- max-file=2
- -s
- overlay
- -b
- docker-sys
- –fixed-cidr
- 172.18.42.1/16
- –restart=false
- -g
- /var/lib/system-docker
- -G
- root
- -H
- unix:///var/run/system-docker.sock
- –userland-proxy=false
Although I haven’t tried it yet, I bet one could add the insecure flag to the rancher.system_docker.args and then after restarting the system Docker should be able to access an insecure registry.