ansible/roles/registry/templates/main/docker-registry.yml

   1 {#
   2 Copyright 2019 Nokia
   3
   4 Licensed under the Apache License, Version 2.0 (the "License");
   5 you may not use this file except in compliance with the License.
   6 You may obtain a copy of the License at
   7
   8     http://www.apache.org/licenses/LICENSE-2.0
   9
  10 Unless required by applicable law or agreed to in writing, software
  11 distributed under the License is distributed on an "AS IS" BASIS,
  12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13 See the License for the specific language governing permissions and
  14 limitations under the License.
  15 #}
  16 ---
  17 apiVersion: apps/v1beta2
  18 kind: DaemonSet
  19 metadata:
  20   name: registry
  21   namespace: kube-system
  22 spec:
  23   selector:
  24     matchLabels:
  25       name: registry
  26   template:
  27     metadata:
  28       annotations:
  29         danm.k8s.io/interfaces: |
  30           [
  31             {
  32               "network":"flannel"
  33             }
  34           ]
  35       labels:
  36         name: registry
  37     spec:
  38       dnsPolicy: ClusterFirst
  39       nodeSelector:
  40         nodetype: caas_master
  41       securityContext:
  42         runAsUser: {{ caas.uid.dockerreg }}
  43       containers:
  44         - name: registry
  45           image: {{ container_image_names | select('search', '/registry:') | list | last }}
  46           env:
  47             - name: INTERFACE_NAME
  48               value: "{{ caas.internal_flannel_interface }}"
  49             - name: REGISTRY_PORT
  50               value: "{{ caas.registry_port }}"
  51             - name: REGISTRY_CONFIG
  52               value: /etc/docker-registry/docker-registry-main-config.yml
  53           volumeMounts:
  54             - name: config
  55               mountPath: /etc/docker-registry/
  56               readOnly: true
  57             - name: store
  58               mountPath: {{ caas.registry_directory }}
  59             - name: ca
  60               mountPath: /etc/ssl/certs/
  61               readOnly: true
  62       volumes:
  63         - name: config
  64           hostPath:
  65             path: /etc/docker-registry/
  66         - name: store
  67           hostPath:
  68             path: {{ caas.registry_directory }}
  69         - name: ca
  70           hostPath:
  71             path: /etc/openssl/