Question

Private cloud with insecure registry

2

Hi, I’m trying to deploy a Mendix application into my private cloud that runs on a local standalone Kubernetes cluster. Currently I only have an insecure HTTP based docker registry as I have no valid certificates. I’m currently getting the following when I try to build the application: "Failed to build mendix app, failed to append layer to base image pushing image docker-registry:5000/repo:example-mendixapp: Get \"https://docker-registry:5000/v2/\": http: server gave HTTP response to HTTPS client" Is there a way to push application into an insecure docker registry? Thanks

asked 2021-08-10

Daniel Farkas

3 answers

Nidhi · Answer 1 · 2023-05-03

if you are using docker registry, you can use following values, with generic option:

pull url: index.docker.io
push url: index.docker.io

registry name: <your docker registry name>

Rafi Khalish · Answer 2 · 2023-05-15

Hi,

I think you need to manually add your private registry URL if your private registry does not use the https protocol.

If you are using Docker as the runtime container for the cluster, you need to add your private registry to the mirror registry in the /etc/docker/daemon.json file on all nodes. I don't know how to add a registry mirror to the docker configuration file. In my case, I used containerd.io as the container runtime on my cluster and Harbor for private registry with docker as the container runtime.

Reference for containerd: https://github.com/containerd/containerd/issues/3847

Hope it helps.

Mikhael Andrew · Answer 3 · 2023-08-18

You can try to use self-signed certificates, then add the custom CA from this documentation. Don’t forget to add the CA to your kubernetes cluster as well.