Table of Contents
Kubernetes – docker 이미지에 사설인증서 추가하기
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
사설인증서 생성 및 등록
여기 를 참조하여 사설인증서를 생성합니다.
참조 를 참조하여 Private Docker Repository 를 생성합니다.
도커 이미지 수정
/etc/docker/certs.d/도커리포도메인/ca.crt 에 루트인증서를 연결해주면 됩니다.
spec:
dnsPolicy: Default # 이게 왜 필요할까?
containers:
- name: docker
image: docker:latest
command:
- cat
tty: true
privileged: true
volumeMounts:
- name: private-rootca-crt
mountPath: /etc/docker/certs.d/docker-repository.repository.svc.cluster.local/ca.crt
subPath: rootCA.crt
readOnly: true
- name: dockersock
mountPath: /var/run/docker.sock
volumes:
- name: private-rootca-crt
configMap:
name: private-rootca.crt
- name: dockersock
hostPath:
path: /var/run/docker.sock
- name: m2
hostPath:
path: /root/.m2