2.2 Accessing the Container Registry

The container images that are deployed by the Platform CLI are hosted on the Oracle Container Registry at:

https://container-registry.oracle.com/

For more information about the Oracle Container Registry, see the Oracle® Linux: Oracle Container Runtime for Docker User's Guide.

For a deployment to use the Oracle Container Registry, each node within the environment must be provisioned with direct access to the Internet. In some cases, nodes within your environment may not be provisioned with direct access to the Internet. In these cases, you can set up a local container registry mirror. Each node requires direct access to the mirror host in this scenario.

Creating a Container Registry Mirror

  1. Select a host to use for your container registry mirror service. The mirror host must have access to the Internet and should be able to pull images directly from the Oracle Container Registry, or alternately should have access to the correct image files stored locally. Ideally, the host should not be a node within your Oracle Linux Cloud Native Environment, but should be accessible to all of the nodes that are part of the environment.

    On the mirror host, install Oracle Container Runtime for Docker, and set up a Docker registry container, following the instructions in the Oracle® Linux: Oracle Container Runtime for Docker User's Guide.

  2. On the mirror host, install the olcne-utils package, so you have access to the registry mirroring utility.

    $ sudo yum install olcne-utils
  3. Copy the required container images from the Oracle Container Registry to the local Docker registry using the registry-image-helper.sh script with the required options:

    $ registry-image-helper.sh ‐‐to host.example.com:5000/olcne

    Where host.example.com:5000 is the resolvable domain name and port on which your local Docker registry is available.

    If the host where you are running the script does not have access to the Internet, you can replace the --from option with the --local option to load the container images directly from a local directory. The local directory which contains the images should be either /usr/local/share/kubeadm/ or /usr/local/share/olcne/. The image files should be archives in TAR format. All TAR files in the directory are loaded into Docker when the script is run with this option.

    You can use the --version option to specify the Kubernetes version you want to mirror. If not specified, the current release is used.

    The script also accepts an --images option that can be used to specify a comma-separated list of image and tag names, if you need to mirror a custom set of images.

  4. When you use a registry mirror, make sure you set the --container-registry option to the domain name and port for the registry mirror. You set this option when you create a Kubernetes module using the olcnectl module create command.