I want to set up a cluster local docker registry so that I can push/pull images very quickly without some of the policy restrictions of my corporate docker registry (for example, all images in that registry have to have certain labels set, something that kaniko cannot do for cached images).
The goal would be to serve as an image cache that could be used by both CI/CD build jobs, as well as for deployment to the cluster itself.
I have been able to set up a registry in the cluster, but I've run into a few issues:
- What should the FQDN be for the registry?
  - If I tag the images using internal cluster name (like `registry.<ns>.svc.cluster.local`), then how can I get containerd running on the cluster to deploy the images?
  - If I create an ingress, and then tag the images using that FQDN, I have to:
    - Set up an ingress
    - Secure the ingress so that only the servers in the cluster can access the ingress
If it matters, this is an on-prem cluster, where the servers are running containerd (no docker is installed).
What is the best way to go about doing this? I feel like there has to be an easy way, but I'm not seeing it.