Closed jhunt closed 4 years ago
to my part I prefer to keep the insecure_skip_verify
rather than verify
to point that you use an insecure repository. I think it's for this raison that containerd team uses this term. Docker team uses also the same term.
I will definitely don't not unignore that feedback, @obeyler 😉
ttar is what kind of tools ? is it like tar ?
@jhunt Except my review about the verify
parameter, I've tested this PR on my airgap environment and everything seems to be OK.
@jhunt At the end, I see you preferred to keep verify
rather than insecure_skip_verify
.
Do you plan to make release soon ?
I do indeed. Given that K8s 1.19 is set to drop in early August, I wanted to get a 1.18.5 out today or tomorrow. Is #50 going to be out of draft and ready for review before the end of the week? If so, I'd like to include it in the release.
@jhunt I'm not yet satisfied of #50 and as I need to do many other work before my holidays I think I can't finish it before august.
This commit introduces containerd OCI registry mirroring, allowing operators to run their own registries, complete with authantication (user-based, certificate-based) etcd, to either shadow upstream names like
postgres
(originally from docker.io), or to provide custom private registries without giving out credentials to cluster users.Also new is
manifests/mirrornetes
, a tinynetes configuration that ships with multiple, separate registries, of varying configurations, and custom mirror definitions to validate the implementation.