Parameters
The parent key for all of the following parameters is registry_cache.
expose_type
| type |
string |
| default |
|
| possible values |
|
Whether to use an Ingress or Route object to expose the registry.
imagePullSecretName
| type |
string |
| default |
|
The name of an image pull secret to use, if not null. The secret is configured for both the Registry and the Redis deployments.
|
We currently don’t support generating an image pull secret from the component, as we don’t have a way to generate the required contents from Vault secrets. Instead, we provide this parameter so that users can tell the component to configure the deployment with an externally-managed image pull secret. |
redis.enabled
| type |
bool |
| default |
|
Whether or not to deploy and use redis as a Blob descriptor cache
registry.config.storage.s3.accesskey, registry.config.storage.s3.secretkey
| type |
strings |
| default |
Vault reference |
S3 credentials for storing image blobs.
http_secret
| type |
string |
| default |
Vault reference |
HTTP Session secret. Must be set but is only used internally.
Vault secrets
# Adjust to your environment
key="clusters/kv/${TENANT_ID}/${CLUSTER_ID}/registry-cache"
# Query for existing secrets first
vault kv get "${key}"
# If there are existing secrets, add your instance secrets:
vault kv patch "${key}" \
http_secret=$(pwgen 32 1) \
proxy_username=DOCKER_HUB_USERNAME \
proxy_password=DOCKER_HUB_PASSWORD \
s3_accesskey=S3_ACCESS_KEY \
s3_secretkey=S3_SECRET_KEY
# If there is no pre-existing secret, create new:
vault kv put "${key}" \
http_secret=$(pwgen 32 1) \
proxy_username=DOCKER_HUB_USERNAME \
proxy_password=DOCKER_HUB_PASSWORD \
s3_accesskey=S3_ACCESS_KEY \
s3_secretkey=S3_SECRET_KEY