I try to setup docker-registry in Kubernetes cluster behind the nginx-ingress controller.The issue is, when I try to push the image into private registry, it tells me:
Get https://registry.local/v2/: x509: certificate is valid for ingress.local, not registry.local
When I curl it, I get response from ingress' backend - 404.
Here's ingress' manifest:
kind: IngressapiVersion: extensions/v1beta1metadata: name: docker-ingress annotations: kubernetes.io/ingress.class: "nginx"spec: tls: - hosts: [ 'registry.local' ] - secretName: registry rules: - host: registry.local http: paths: - backend: serviceName: docker-registry servicePort: 5000 path: /And here's docker-registry manifest:
kind: DeploymentapiVersion: extensions/v1beta1metadata: labels: app: docker-registry name: docker-registryspec: replicas: 1 selector: matchLabels: app: docker-registry template: metadata: labels: app: docker-registry spec: containers: - command: - /bin/registry - serve - /etc/docker/registry/config.yml env: - name: REGISTRY_HTTP_ADDR value: 0.0.0.0:5000 - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY value: /var/lib/registry - name: REGISTRY_HTTP_TLS_CERTIFICATE value: /certs/ca.crt - name: REGISTRY_HTTP_TLS_KEY value: /certs/domain.key image: registry:2.6.2 imagePullPolicy: IfNotPresent name: docker-registry ports: - containerPort: 5000 name: http protocol: TCP volumeMounts: - mountPath: /var/lib/registry name: image-store - mountPath: /certs name: certs volumes: - name: image-store emptyDir: {} - name: certs configMap: name: certs---kind: ServiceapiVersion: v1metadata: labels: app: docker-registry name: docker-registryspec: ports: - name: http port: 5000 protocol: TCP targetPort: 5000 selector: app: docker-registry type: ClusterIPSeparetly, nginx-ingress and docker-registry, work fine, but don't together.
Nothing valuabe from the ingress controller logs can be found.