Docker registry

The compiled Docker Images are stored in a private registry. You need to setup Docker Credentials in order to be able to pull these images.

One of the first steps is to setup a secret to access this registry.

1. You’ll get an access token in a file from Sagemath, Inc. – in the following it will be called registry-token.txt.

2. Tell Kubernetes about this registry secret, in the namespace where you’ll deploy CoCalc, with the name: regcred:

kubectl [--namespace cocalc] create secret docker-registry regcred \
   --docker-server=docker.io \
   --docker-username=hsysmi \
   --docker-password="$(cat ./registry-token.txt)" \
   --docker-email=[email protected]

→ expected output: secret/regcred created

Note

If you name this secret differently than regcred, you need to adjust the imagePullSecrets in the values.yaml file.

Note

If you received a new token or made a mistake, you have to delete the secret first. In particular, the create command will say: error: failed to create secret secrets "regcred" already exists.

kubectl [--namespace cocalc] delete secret regcred

Ref:

• Blog: Google Container Registry

• K8S: Pull image from private registry