Use Docker images from a custom registry¶

Using images from a private Docker registry may required for privacy, security or other reasons. In these cases, Percona Operator for MongoDB allows the use of a custom registry This following example of the Operator deployed in the OpenShift environment demonstrates the process:

Log into the OpenShift and create a project.

$ oc login

Expected output

Authentication required for https://192.168.1.100:8443 (openshift)
Username: admin
Password:
Login successful.

$ oc new-project psmdb

Expected output

Now using project "psmdb" on server "https://192.168.1.100:8443".

You need obtain the following objects to configure your custom registry access:

A user token
the registry IP address

You can view the token with the following command:

$ oc whoami -t

Expected output

ADO8CqCDappWR4hxjfDqwijEHei31yXAvWg61Jg210s

The following command returns the registry IP address:

$ kubectl get services/docker-registry -n default

Expected output

NAME              TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE
docker-registry   ClusterIP   172.30.162.173   <none>        5000/TCP   1d

Use the user token and the registry IP address to login to the registry:

$ docker login -u admin -p ADO8CqCDappWR4hxjfDqwijEHei31yXAvWg61Jg210s 172.30.162.173:5000

Expected output

Login Succeeded

Use the Docker commands to pull the needed image by its SHA digest:

$ docker pull docker.io/perconalab/percona-server-mongodb@sha256:991d6049059e5eb1a74981290d829a5fb4ab0554993748fde1e67b2f46f26bf0

Expected output

Trying to pull repository docker.io/perconalab/percona-server-mongodb ...
sha256:991d6049059e5eb1a74981290d829a5fb4ab0554993748fde1e67b2f46f26bf0: Pulling from docker.io/perconalab/percona-server-mongodb
Digest: sha256:991d6049059e5eb1a74981290d829a5fb4ab0554993748fde1e67b2f46f26bf0
Status: Image is up to date for docker.io/perconalab/percona-server-mongodb@sha256:991d6049059e5eb1a74981290d829a5fb4ab0554993748fde1e67b2f46f26bf0

You can find correct names and SHA digests in the current list of the Operator-related images officially certified by Percona.

The following method can push an image to the custom registry for the example OpenShift psmdb project:

$ docker tag \
    docker.io/perconalab/percona-server-mongodb@sha256:991d6049059e5eb1a74981290d829a5fb4ab0554993748fde1e67b2f46f26bf0 \
    172.30.162.173:5000/psmdb/percona-server-mongodb:4.4.24-23
$ docker push 172.30.162.173:5000/psmdb/percona-server-mongodb:4.4.24-23

Verify the image is available in the OpenShift registry with the following command:

$ oc get is

Expected output

NAME                              DOCKER REPO                                                             TAGS             UPDATED
percona-server-mongodb            docker-registry.default.svc:5000/psmdb/percona-server-mongodb  4.4.24-23  2 hours ago

When the custom registry image is available, edit the the image: option in deploy/operator.yaml configuration file with a Docker Repo + Tag string (it should look like docker-registry.default.svc:5000/psmdb/percona-server-mongodb:4.4.24-23)

Note

If the registry requires authentication, you can specify the imagePullSecrets option for all images.
Repeat steps 3-5 for other images, and update corresponding options in the deploy/cr.yaml file.

Note

Don’t forget to set upgradeoptions.apply option to Disabled. Otherwise Smart Upgrade functionality will try using the image recommended by the Version Service instead of the custom one.
Now follow the standard Percona Operator for MongoDB installation instruction.

Get expert help¶

If you need assistance, visit the community forum for comprehensive and free database knowledge, or contact our Percona Database Experts for professional support and services. Join K8S Squad to benefit from early access to features and “ask me anything” sessions with the Experts.

Community Forum Get a Percona Expert Join K8S Squad

Last update: 2024-04-11