Internal registry HTTPS endpoint

[evghen1]

What problem are you facing?

While using internal registry for providers, found issue that k8s image puller needs HTTPS endpoint for download image, but KNDP registry just have HTTP endpoint implemented.

How could KNDP help solve your problem?

• Add HTTPS connection to internal registry.

[evghen1]

@ca7alindev found this solution: https://medium.com/@lumontec/running-container-registries-inside-k8s-6564aed42b3a

[evghen1]

@art10m @ca7alindev I think still will exist problem with Crossplane, because it not use kubelet for download images, so in case if we will set eg. https://localhost:5000 as default registry, Crossplane will make simple HTTPS request to localhost, but in case of container where it running, no localhost:5000 exposed, this is true just in case of node, where kubelet running. In this case i propose to use Kyverno Policy for patch Pod's with image URL of internal registry from kndp-registry.kndp-system.svc.cluster.local to localhost:5000, and keep default registry parameters as is.