documentation: how to setup insecure registry

Question

documentation: how to setup insecure registry

Closed this issue 7 years ago · 4 comments

The documentation says I have to created the file /etc/docker/daemon.json with the content:

      "insecure-registries": [
          "10.22.0.1:5000"
      ]

But when I create this file, I get the error:

unable to configure the Docker daemon with file /etc/docker/daemon.json: the following directives are specified both as a flag and in the

This is because on Fedora, this is configured via /etc/sysconfig/docker:

INSECURE_REGISTRY='--insecure-registry 10.22.0.1:5000'

The documentation should be updated.

Answer 1 · 2017-09-22T13:27:27.000Z

I would like to get rid of the registry and find a different way to provide necessary binaries to kube-spawn. This setup has been a usability pain point from the beginning.

Answer 2 · 2017-09-22T14:21:51.000Z

@schu I agree, I talked to @dongsupark about this approach before:

docker save -o hyperkube.tar gcr.io/google-containers/hyperkube-amd64
# mount into machine
docker load -i hyperkube.tar

https://stackoverflow.com/a/45518733

Answer 3 · 2017-09-25T09:06:20.000Z

Is hyperkube even needed? Can we bind-mount necessary binaries?

Answer 4 · 2017-09-25T10:16:57.000Z

I don't think we can bind mount them...

The way I understand kubeadm is it creates a cluster that self-hosts it's components, for that we need docker images of all of them. By default (if you don't pass KUBE_HYPERKUBE_IMAGE) the kubelet pulls the images it needs from gcr.io/google-containers/....

It is however possible to modify the location of the image registry kubeadm uses via KUBE_REPO_PREFIX if we decide to go with the local registry solution, which might make it nicer to develop/test single components.