Skip to content
/ tutor-contrib-registry Public

This is an experimental Tutor plugin that enables the use of a private container image registry that requires authentication.

License

AGPL-3.0 license
0 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

hastexo/tutor-contrib-registry

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits

.githooks

.githooks

 
 

.github/workflows

.github/workflows

 
 

tutorregistry

tutorregistry

 
 

.bumpversion.cfg

.bumpversion.cfg

 
 

.gitignore

.gitignore

 
 

.gitlint

.gitlint

 
 

CHANGELOG.md

CHANGELOG.md

 
 

HACKING.md

HACKING.md

 
 

LICENSE

LICENSE

 
 

MANIFEST.in

MANIFEST.in

 
 

README.md

README.md

 
 

setup.py

setup.py

 
 

tox.ini

tox.ini

 
 

Repository files navigation

Registry Tutor plugin

This is an experimental plugin for Tutor that configures access to a private container image registry in a Kubernetes namespace.

Version compatibility matrix

You must install a supported release of this plugin to match the Open edX and Tutor version you are deploying. If you are installing this plugin from a branch in this Git repository, you must select the appropriate one:

Open edX release Tutor version Plugin branch Plugin release
Olive >=15.0, <16 main 1.x.x
Palm >=16.0, <17 main 1.x.x
Quince >=17.0, <18 main 1.x.x

Installation

pip install git+https://github.com/hastexo/tutor-contrib-registry@v1.3.0

Usage

To enable this plugin, run:

tutor plugins enable registry
tutor config save

To test that the command is available, run:

tutor k8s registry --help

To configure access to a private image registry in your kubernetes namespace, run:

tutor k8s registry

This will create a secret for each of your private registries and will add them to the default ServiceAccount in your namespace.

Important note : This command assumes that your namespace already exists. As tutor will create the namespace for you (if one does not already exist) while using tutor k8s launch/ tutor k8s start commands. But, both of these commands will also fail if your services cannot access the private image registry. So, for a fresh deployment (meanin the namespace needs to be created during the deployment run) you cannot run this command before nor after you run the start or launch commands. As a workaround for this we suggest first bringing up a service that uses an upstream default image and doesn't require access to a private registry. Then configure your registry access and run the rest of the deployment as usual.

An example with caddy:

tutor k8s start caddy
tutor k8s registry
tutor k8s launch / tutor k8s start
...

Reference documentation can be found here

Configuration

The following values must be set in your config.yml file:

  • K8S_NAMESPACE
  • REGISTRY_CREDENTIALS

Where the REGISTRY_CREDENTIALS configuration value is a dictionary that requires the following structure and values:

REGISTRY_CREDENTIALS:
    private-registry.example.com:
        key_name: <key_name>
        password: <password>
        username: <username>
    private-registry.example.org:
        email: <email>  # optional, depending on your registry
        key_name: <key_name>
        password: <password>
        username: <username>

About

This is an experimental Tutor plugin that enables the use of a private container image registry that requires authentication.

Resources

Readme

License

AGPL-3.0 license
Activity
Custom properties

Stars

0 stars

Watchers

3 watching

Forks

2 forks
Report repository

Releases

4 tags

Packages

No packages published

Languages