Using Docker Registries¶
This topic describes how to use Docker registries with Cloud Foundry Container Runtime (CFCR).
Use Private Docker Registries¶
To use a private Docker registry with CFCR, you must add the registry CA certificate to the BOSH Director manifest and redeploy the BOSH Director. Then the BOSH Director will store the certificate in every Kubernetes node it provisions.
- Access your CFCR environment. This is the environment that contains the
KUBO_ENVdirectory with your CFCR configuration. For more information, see the Step 1: Access Your CFCR Environment section of the Deploying CFCR topic.
- Open the
director.ymlfile. This is the BOSH Director manifest.
properties.director.trusted_certs,add the registry CA certificate.
1 2 3 4 5 6 7 8 9 10 11
properties: director: trusted_certs: | # Private Docker registry CA certificate -----BEGIN CERTIFICATE----- MIICsjCCAhugAwIBAgIJAMcyGWdRwnFlMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX ... ItuuqKphqhSb6PEcFMzuVpTbN09ko54cHYIIULrSj3lEkoY9KJ1ONzxKjeGMHrOP KS+vQr1+OCpxozj1qdBzvHgCS0DrtA== -----END CERTIFICATE-----
For more information about configuring trusted certificates in BOSH, see the BOSH documentation.
Redeploy the BOSH Director by following the procedures specific to your IaaS: