Configuring Registry

Every Camel K installation needs a container registry that will be used to host integration container images. This is required to host the images that will be used by Kubernetes to execute the Camel application you’ve built.

Container registry in action

The Camel K operator is in charge to build a Camel application and to "containerize" it, storing the result into a container registry. The same registry is used by the cluster to run the Camel application. Basically the operator push the image and the cluster pull it from the same source.

For the reason above it’s important that you provide a container registry which is accessible from both the operator Pod and the cluster internal mechanisms. However, a default registry is present in certain platforms such as Minikube, Openshift or Docker Desktop.

For any other platform that do not provide a default container registry, then, a registry must be provided accordingly.

Configure the registry at installation time

Registry configuration can be set upon installation using command:

$ kamel install --registry registry-host.io [--organization your-user-id-or-org] [--registry-secret my-secret-registry-conf]

Although optionals, the organization and registry-secret parameters are strongly suggested in order to secure the pull/push operations on a registry that is private, although accessible through the Internet. The secret is something that will included at deployment time as imagePullSecret configuration.

As each registry may have a slightly different way of securing the access you can use the guidelines provided in Docker Hub registry configuration and adjust accordingly.

Configure the registry after installation

The settings you’ve provided in the chapter above are applied to the IntegrationPlatform custom resource. In particular you can find them in the .spec.pipeline.registry.

apiVersion: camel.apache.org/v1
kind: IntegrationPlatform
metadata:
  labels:
    app: camel-k
  name: camel-k
spec:
  pipeline:
    registry:
      address: registry-host.io
      organization: your-user-id-or-org
      secret: my-secret-registry-conf

You can therefore update the values in the IntegrationPlatform in order to perform any change to the registry configuration after the Camel K operator is installed. The changes will be immediately reconciled and ready to use.

Container registry requirements

Each platform may have its default registry of choice. And each container registry may have a slight different configuration. Please, be aware that we won’t be able to support all the available solutions.

The only requirement we have is that the registry must be able to produce/consume images with the following tagging convention: <registry-host>[:<registry-port>]/<k8s-namespace>/kit-<hash-code>@sha256:<sha256-code>, ie 10.110.251.124/default/kit-ck0612dahvgs73ffe5g0@sha256:3c9589dd093b689aee6bf5c2d35aa1fce9d0e76d5bb7da8b61d87e7a1ed6f36a.

This should be within the standard convention adopted by pulling a Docker image by digest (immutable).

you can configure Camel K to use an insecure private registry. However, your Kubernetes cluster may not be able to pull images from an insecure registry without proper configuration.

Special container registry requirements

We have some hints that can help you configuring on the most common platforms:

Run your own container registry

You can also run your own registry, but this option is recommended only for advanced use cases as it may requires certain changes in the cluster configuration, so, make sure to understand how each change may affect your cluster. As you’ve seen in the diagram above, the cluster has to be aware of the presence of the registry in order to pull the images pushed by the operator.