Open zootalures opened 6 years ago
cc @derekschultz
we support multiple registries configured in ~/.docker/config
or through DOCKER_AUTH
env var in fn. i am less sure if it works properly, but there was an attempt. it should be possible to thread in either way to k8s
Please also consider support for private registry (with and without authentication).
One important aspect to consider when using a private registry is the nesting level of docker image names. You can only have 3 at max, see https://github.com/fnproject/fn/blob/f27d47f2dd9520647f8799043bfcb3d121709958/api/agent/drivers/driver.go#L283
If you use more than 3, it falls back to assuming the image comes from docker hub and does not provide correct credentials. This cost me about 3 days of debugging, hoping that others do not run in the same thing...
Shorter nestings are okay.
I opened a bug report here: https://github.com/fnproject/fn/issues/764
Fn (dind) doesn't get docker regstry credentials.
I think fn needs to understand these eventually in some form but a stop gap
Ideally we should be able to share one or more k8s docker image pull secrets with the fn container to allow secured registries to be used.
e.g. (elswhere in k8s ):
then in values.yaml