Configure External Docker Registry
SUMMARY This topic describes how to set up an external registry in Paragon Automation.
You can configure the Docker registry on an external node. You can also use custom external user registries in place of the Paragon Automation-generated registries. In earlier releases, Paragon Automation generated the Docker registry on each of the cluster nodes and stored it in Ceph storage. The Docker images were, therefore available, locally in the cluster. In cases when a node or pod failed and you had to redeploy your cluster, you could not recover the Docker images from the registry, as Ceph storage was unreadable. In the current release, since the registry can be stored on an external node, it can be reached even in case of a node or pod failure.
You can configure Paragon Automation to use the following registry options:
-
One Paragon Automation-generated registry on an external node
-
Redundant Paragon Automation-generated registries on multiple external nodes
We recommend that all registry nodes must be in the same subnet as the cluster nodes so that you can connect to them by using a virtual IP (VIP) address.
-
One Paragon Automation-generated registry in Ceph storage, similar to earlier releases. You do not need to explicitly configure anything in order to use the internal Docker registry.
The inventory and config.yml files (and
consequently the inv
and conf
command prompts) are
edited to accommodate configuration of external registries and registries on external
nodes.
Configure your existing external user registry
Use this procedure if you have an existing centralized container registry and you
want to use the existing user registry for your Paragon Automation cluster.
Paragon Automation supports both secure and insecure registries and you can also
configure a username and password to log in to the registry. You can configure a
single remote registry server address which can be an IP address or a VIP or a
load balanced DNS name. Registry address is saved in the <registry
server>:<port number>
format in the
config.yml file.
To configure an existing external user registry with Paragon Automation, you must perform the following steps.
Configure one Paragon Automation registry on an external node
Use this procedure if you want to install only one Paragon Automation registry,without redundancy, on an external node. You can also use the Ansible control host as a registry node.
Configure redundant Paragon Automation registries on multiple external nodes
Use this procedure if want to install redundant Paragon Automation registry nodes on multiple external nodes. Paragon Automation can deploy one or more dedicated registry nodes. You can also use the Ansible control host as a registry node. Each dedicated registry node must have a minimum of one registry.
When
there are more than one external registry nodes, all the registry nodes must be
in the same subnet so that you can connect to them by using a virtual IP (VIP)
address. Registry address is saved in the <vrrp vip>:<port
number>
format in the config.yml file.
To configure redundant Paragon Automation registries on more than one external nodes, you must perform the following steps.
Migrate Docker Registry
You can migrate the registry from the internal registry to an external registry.