oadm-registry man page

oadm registry — Install the integrated Docker registry

Synopsis

oadm registry [Options]

Description

Install or configure an integrated Docker registry

This command sets up a Docker registry integrated with your cluster to provide notifications when images are pushed. With no arguments, the command will check for the existing registry service called 'docker-registry' and try to create it. If you want to test whether the registry has been created add the --dry-run flag and the command will exit with 1 if the registry does not exist.

To run a highly available registry, you should be using a remote storage mechanism like an object store (several are supported by the Docker registry). The default Docker registry image is configured to accept configuration as environment variables - refer to the configuration file in that image for more on setting up alternative storage. Once you've made those changes, you can pass --replicas=2 or higher to ensure you have failover protection. The default registry setup uses a local volume and the data will be lost if you delete the running pod.

If multiple ports are specified using the option --ports, the first specified port will be chosen for use as the REGISTRY_HTTP_ADDR and will be passed to Docker registry.

NOTE: This command is intended to simplify the tasks of setting up a Docker registry in a new
installation. Some configuration beyond this command is still required to make
your registry persist data.

Options

--create=false
deprecated; this is now the default behavior
--credentials=""
Path to a .kubeconfig file that will contain the credentials the registry should use to contact the master.
--daemonset=false
Use a daemonset instead of a deployment config.
--dry-run=false
If true, show the result of the operation without performing it.
--enforce-quota=false
If set, the registry will refuse to write blobs if they exceed quota limits
--images="openshift/origin-${component}:${version}"
The image to base this registry on - ${component} will be replaced with --type
--labels="docker-registry=default"
A set of labels to uniquely identify the registry and its components.
--latest-images=false
If true, attempt to use the latest image for the registry instead of the latest release.
--mount-host=""
If set, the registry volume will be created as a host-mount at this path.
-o, --output=""
Output results as yaml or json instead of executing, or use name for succint output (resource/name).
--output-version=""
The preferred API versions of the output objects
--ports="5000"
A comma delimited list of ports or port pairs to expose on the registry pod. The default is set for 5000.
--replicas=1
The replication factor of the registry; commonly 2 when high availability is desired.
--selector=""
Selector used to filter nodes on deployment. Used to run registries on a specific set of nodes.
--service-account="registry"
Name of the service account to use to run the registry pod.
--tls-certificate=""
An optional path to a PEM encoded certificate (which may contain the private key) for serving over TLS
--tls-key=""
An optional path to a PEM encoded private key for serving over TLS
--type="docker-registry"
The registry image to use - if you specify --images this flag may be ignored.
--volume="/registry"
The volume path to use for registry storage; defaults to /registry which is the default for origin-docker-registry.

Options Inherited from Parent Commands

--api-version=""
DEPRECATED: The API version to use when talking to the server

--as=""
Username to impersonate for the operation.

--certificate-authority=""
Path to a cert. file for the certificate authority.

--client-certificate=""
Path to a client certificate file for TLS.

--client-key=""
Path to a client key file for TLS.

--cluster=""
The name of the kubeconfig cluster to use

--config=""
Path to the config file to use for CLI requests.

--context=""
The name of the kubeconfig context to use

--google-json-key=""
The Google Cloud Platform Service Account JSON Key to use for authentication.

--insecure-skip-tls-verify=false
If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure.

--log-flush-frequency=0
Maximum number of seconds between log flushes

--match-server-version=false
Require server version to match client version

-n, --namespace=""
If present, the namespace scope for this CLI request.

--server=""
The address and port of the Kubernetes API server

--token=""
Bearer token for authentication to the API server.

--user=""
The name of the kubeconfig user to use

Example

# Check if default Docker registry ("docker-registry") has been created
oadm registry --dry-run

# See what the registry will look like if created
oadm registry -o yaml

# Create a registry with two replicas if it does not exist
oadm registry --replicas=2

# Use a different registry image
oadm registry --images=myrepo/docker-registry:mytag

# Enforce quota and limits on images
oadm registry --enforce-quota

See Also

oadm(1),

History

June 2016, Ported from the Kubernetes man-doc generator

Referenced By

oadm(1).

Openshift CLI User Manuals Openshift June 2016