feat(registry): add private registry documentation #201
Conversation
|
|
||
| In order to deploy Docker images from a private repository on to Deis Workflow the following steps |
There was a problem hiding this comment.
Maybe simpler:
To deploy Docker images from a private registry, take the following steps:
- Gather the username and password for the registry, such as a [Quay.io Robot Accounts][] or [GCR.io Long Lived Token][]
|
I'd be careful about using registry and repository interchangeably. It might be more precise to indicate that this can be used for private registries (e.g. if you host your own) or private repositories within a public registry like Dockerhub or quay.io. On a separate note, there's mention of compacting the JSON blob for a long-lived token, but there's no mention of how that can be applied. Is the compacted token just substituted as the value of the |
|
It's in the password - It's all listed out in the GCR documentation. I can update that |
helgi
force-pushed
the
registry
branch
2 times, most recently
from
c92a9f4 to
e526ab1
Compare
|
|
||
| To deploy Docker images from a private registry (either from self-hosted registry or one of the public ones), |
There was a problem hiding this comment.
minor: should say "from a self-hosted registry"
|
|
||
| To deploy Docker images from a private registry (either from a self-hosted registry or one of the public ones), | ||
| take the following steps: |
There was a problem hiding this comment.
Suggested change:
"To deploy Docker images from a private registry or even from a private repository within a public registry, take the following steps:"
|
|
||
| * Gather the username and password for the registry, such as a [Quay.io Robot Accounts][] or [GCR.io Long Lived Token][] | ||
| * Run `deis registry:set username=<the-user> password=<secret> -a <application-name>` | ||
| * Now do `deis pull` as normal, against an image in the private registry |
There was a problem hiding this comment.
Would "perform" sound better than "do"?
There was a problem hiding this comment.
Total nit... non-blocking. LGTM2
|
👍 |
|
@helgi Are there any thoughts on how to make an entire deis cluster have access to a private registry? Or is that not in the cards/very technically difficult? |
|
Right now it is only per application. If we ever do deis/controller#383 then registry data may get included in that as well |
|
That would be great. Basically I don't want to have members of my team have to ask me for a registry key :) |
|
My recommendation would be to make a read-only robot account credentials available to them, in the short term |
|
👍 |
No description provided.