Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Configure External Docker Registry

SUMMARY This topic describes how to set up an external registry in Paragon Automation.

You can configure the Docker registry on an external node. You can also use custom external user registries in place of the Paragon Automation-generated registries. In earlier releases, Paragon Automation generated the Docker registry on each of the cluster nodes and stored it in Ceph storage. The Docker images were, therefore available, locally in the cluster. In cases when a node or pod failed and you had to redeploy your cluster, you could not recover the Docker images from the registry, as Ceph storage was unreadable. In the current release, since the registry can be stored on an external node, it can be reached even in case of a node or pod failure.

You can configure Paragon Automation to use the following registry options:

The inventory and config.yml files (and consequently the inv and conf command prompts) are edited to accommodate configuration of external registries and registries on external nodes.

Configure your existing external user registry

Use this procedure if you have an existing centralized container registry and you want to use the existing user registry for your Paragon Automation cluster. Paragon Automation supports both secure and insecure registries and you can also configure a username and password to log in to the registry. You can configure a single remote registry server address which can be an IP address or a VIP or a load balanced DNS name. Registry address is saved in the <registry server>:<port number> format in the config.yml file.

To configure an existing external user registry with Paragon Automation, you must perform the following steps.

  1. You can use the conf command to configure the config.yml file as required. Enter y to configure an external user registry.

    The following sample config.yml file shows the newly added fields for configuration of external user registries. In this sample, consider 10.10.10.10 as the server IP address of the external registry.

    Note:

    External registry port number is 5000, by default. You can edit the port number as required.

  2. (Optional) You can manually edit the config.yml file and also customize it further.
    Note:

    While configuring an existing external user registry, we do not need to edit the inventory file.

Configure one Paragon Automation registry on an external node

Use this procedure if you want to install only one Paragon Automation registry,without redundancy, on an external node. You can also use the Ansible control host as a registry node.

  1. Customize the inventory file with the IP address or hostname of the registry node, as well as the username and authentication information that is required to connect to the node. You can either use the inv command to update the inventory file or edit the file manually.
    • Use the inv command to update the inventory file. The following sample inventory shows the newly added fields for configuration of external registries. In this sample, consider 10.10.10.11 as the IP address of the external node.

    • Alternatively, manually edit the inventory file. For example:

  2. Use the conf command to configure the config.yml file. The following sample config.yml file shows the newly added fields for configuration of external registries. In this sample, consider 10.10.10.11 as the IP address of the external node.
    Note:

    External registry port number is 5000, by default. You can edit the port number as required. If you enable TLS and set the user_registry_notls: false in the config.yml file, then the external registry port number is automatically set to 443 in the config.yml file.

  3. (Optional) You can manually edit the config.yml file and also customize it further.

Configure redundant Paragon Automation registries on multiple external nodes

Use this procedure if want to install redundant Paragon Automation registry nodes on multiple external nodes. Paragon Automation can deploy one or more dedicated registry nodes. You can also use the Ansible control host as a registry node. Each dedicated registry node must have a minimum of one registry.

When there are more than one external registry nodes, all the registry nodes must be in the same subnet so that you can connect to them by using a virtual IP (VIP) address. Registry address is saved in the <vrrp vip>:<port number> format in the config.yml file.

To configure redundant Paragon Automation registries on more than one external nodes, you must perform the following steps.

  1. Customize the inventory file with the IP addresses or hostnames of the registry nodes, as well as the usernames and authentication information that are required to connect to the nodes. You can either use the inv command to update the inventory file or edit the file manually.
    • Use the inv command to update the inventory file. The following sample inventory shows the newly added fields for configuration of external registries. In this sample, consider 10.10.10.12 and 10.10.10.13 as the IP addresses of the external nodes.

    • Alternatively, manually edit the inventory file. For example:

  2. Use the conf command to configure the config.yml file. The following sample config.yml file shows the newly added fields for configuration of external registries. In this sample, consider 10.10.10.12 and 10.10.10.13 as the IP addresses of the external nodes and 10.10.10.100 as the VIP for the external registry nodes.
    Note:

    External registry port number is 5000, by default. You can edit the port number as required. If you enable TLS and set the user_registry_notls: false in the config.yml file, then the external registry port number is automatically set to 443 in the config.yml file.

  3. (Optional) You can manually edit the config.yml file and also customize it further.

Migrate Docker Registry

You can migrate the registry from the internal registry to an external registry.

  1. Upgrade your Paragon Automation cluster from Release 22.1 to 23.1.
  2. Update the inventory file by adding external registry information.
  3. Update the config.yml correspondingly as per the inventory file.
  4. Rerun the deploy command with the migrate option.
    ./run -c config-dir deploy -e migrate_registry=1