Local Registry Tools
Kubernetes does not natively provide a registry for hosting container images which contain the applications you want to deploy on Kubernetes. Instead, Kubernetes expects you to use an external solution for storing and sharing container images.
There are a variety of Kubernetes registry options out there that are compatible with DKP. The list below refers to the local registry tools required if running an air-gapped environment.
Air-Gapped Registry Prerequisites
DKP in an air-gapped environment requires a local container registry of trusted images to enable production level Kubernetes cluster management. In an environment with access to the internet, you retrieve artifacts from specialized repositories dedicated to them such as Docker images contained in DockerHub and Helm Charts that come from a dedicated Helm Chart repository. However, in an air-gapped environment, you need local repositories to store Helm charts, Docker images and other artifacts. Tools such as jFrog, Harbor and Nexus handle multiple types of artifacts in one local repository.
If you want to use images from this local registry to deploy applications inside your Kubernetes cluster, you’ll need to set up a secret for a private registry. The secret contains your login data, which Kubernetes needs to connect to your private repository.
JFrog Artifactory
JFrog can function as a container registry, as well as an automated management tool for binaries and artifacts of all types. If you use JFrog Artifactory or JFrog Container Registry, you must update to a new version of the software. Any build newer than version 7.11 will work, as we have confirmed that older versions are not compatible.
Nexus Registry
Nexus Repository is a package registry for all of your Docker images and Helm Chart repositories and supports Proxy, Hosted, and Group repositories. It can be used a single registry for all your Kubernetes deployments.
Harbor Registry
Install Harbor and configure any https access required as well as the system level parameters in the harbor.yml
file. Then run the installer script. If you are upgrading from a previous version of Harbor, you update the configuration file and migrate your data to fit the database schema of the later version. For information about upgrading, see Upgrading Harbor. Any newer version than Harbor Registry v2.1.1-5f52168e will support OCI images.
Bastion Host
If you have not set up a Bastion Host yet, refer to that section of the Documentation.