Deploy Dind and secure Docker Registry on Kubernetes (colon issues)
The only thing I come up with is using symlinks. I tested it and it works. I also tried searching for better solution but didn't find anything satisfying.
Have a look at this example:
apiVersion: v1kind: Podmetadata: name: myapp-pod labels: app: myappspec: containers: - name: myapp-container image: centos:7 command: ['sh', '-c', 'mkdir -p /etc/docker/certs.d/registry:5000 && ln -s /some/random/path/ca.crt /etc/docker/certs.d/registry:5000/ca.crt && exec sleep 10000'] volumeMounts: - mountPath: '/some/random/path' name: registry-cert volumes: - name: registry-cert secret: secretName: my-secret
And here is a template secret i used:
apiVersion: v1kind: Secretmetadata: name: my-secret namespace: defaulttype: Opaquedata: ca.crt: <<< some_random_Data >>>
I have mounted this secret into a /some/random/path
location (without colon so it wouldn't throw errors) and created a symlink between /some/random/path/ca.crt
and /etc/docker/certs.d/registry:5000/ca.crt
.Of course you also need to create a dir structure before running ln -s ...
, that is why I run mkdir -p ...
.
Let me know if you have any further questions. I'd be happy to answer them.