7129d477d3
This registry can be accessed through proxies that run on each node listening on port 5000. We send the proxy images to the nodes directly to avoid requests that hit the network during cluster launch. For now, we continue to pull the registry itself over the network, especially given its large size (we should be able to dramatically shrink the image). On GCE we create a PD and use that for storage, otherwise we use an emptyDir. The registry is not enabled outside of GCE. All communication is currently plain HTTP. In order to use SSL, we will need to be able to request a certificate/key from the apiserver signed by the apiserver's CA cert.
13 lines
296 B
Docker
13 lines
296 B
Docker
FROM haproxy:1.5
|
|
MAINTAINER Muhammed Uluyol <uluyol@google.com>
|
|
|
|
RUN apt-get update && apt-get install -y dnsutils
|
|
|
|
ADD proxy.conf.insecure.in /proxy.conf.in
|
|
ADD run_proxy.sh /usr/bin/run_proxy
|
|
|
|
RUN chown root:users /usr/bin/run_proxy
|
|
RUN chmod 755 /usr/bin/run_proxy
|
|
|
|
CMD ["/usr/bin/run_proxy"]
|