Feature #44886
closedcephadm: allow use of authenticated registry
0%
Description
Users may need to use an authenticated registry, e.g. in air-gapped deployments.
We could punt and require that the host have all this configured so that we can just pull... Or we could teach cephadm how to take auth credentials (user/pass? cert?) and pass it around as needed.
Updated by Sebastian Wagner about 4 years ago
and then the next request will be to support untrusted registries... and so on
Updated by Kefu Chai almost 4 years ago
- Status changed from New to In Progress
- Assignee set to Kefu Chai
- Pull request ID set to 35217
Updated by Kefu Chai almost 4 years ago
- Assignee deleted (
Kefu Chai)
Updated by Sebastian Wagner almost 4 years ago
- Status changed from In Progress to New
Updated by Sebastian Wagner almost 4 years ago
- Priority changed from Normal to High
Updated by Sebastian Wagner almost 4 years ago
cephadm registry-login user pw
plus storing the credentials in the mgr/cephadm
Updated by Denys Kondratenko almost 4 years ago
should registry management and authentication be handled on cri-o level by system admin or maybe by cephadm as helper?
crio.conf:
**global_auth_file**="" The path to a file like /var/lib/kubelet/config.json holding credentials necessary for pulling images from secure registries.
Updated by Sebastian Wagner almost 4 years ago
Denys Kondratenko wrote:
should registry management and authentication be handled on cri-o level by system admin or maybe by cephadm as helper?
crio.conf:
[...]
cephadm doesn't use cri-o, but plain podman. but yeah, cephadm should IMO orchestrate this cluster-wide
Updated by Sebastian Wagner almost 4 years ago
- Status changed from New to Fix Under Review
- Pull request ID changed from 35217 to 36012
Updated by Adam King almost 4 years ago
- Status changed from Fix Under Review to Resolved
Updated by Sebastian Wagner over 3 years ago
- Category set to cephadm
- Target version set to v15.2.5