[SOLVED] Pull images from local registry within a pod

Finally I found a solution to this problem (Pull docker images from leader.telekube.local registry inside a pod). Gravity by default uses a local registry that, in my use case, needs to be accessed by a pod, so I share this post just in case anyone needs it too.

As suggested in the original post, since the DNS name of the registry is not propagated within the cluster, the best way to access this local registry from inside the cluster is modifying the default service (and the endpoint) used to access the apiserver, named kubernetes, to add the 5000 port (a possibility could be using kubectl patch in an init script). A little hack but I think it's the only solution…

Once we do this, it is necessary to achieve mTLS by creating certs with the CA used in plane, making use of an init job hook script, and then adding these as a volume in the default certs folder for registry certificates in docker (/etc/docker/certs.d/kubernetes.default.svc.cluster.local:5000). Note that the folder inside certs.d needs to be named as the registry endpoint accessed. Another thing to consider is that the CA is mounted in all pods by default, so it could be useful in this case too.

Once we do this, we can pull images from the Gravity local registry using kubernetes.default.svc.cluster.local:5000 as the endpoint.
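
A pre-pull check of the certs.d folder described above, as an added example that is not part of the original post. The function name `check_registry_certs` is hypothetical; the file extensions follow Docker's own convention (`*.crt` for CA roots, `*.cert` plus a same-named `*.key` for the client pair), which the post does not spell out.

```shell
#!/bin/sh
# Added example (not from the original post): check the Docker per-registry
# certificate directory before attempting a pull over mTLS.
# Docker's naming rules: *.crt = CA roots, *.cert = client certificate,
# *.key = client key with the same base name as its *.cert.
# Usage: check_registry_certs /etc/docker/certs.d kubernetes.default.svc.cluster.local:5000
check_registry_certs() {
    dir="$1/$2"
    rc=0
    # The directory name must match the endpoint used in image references.
    if [ ! -d "$dir" ]; then
        echo "missing directory: $dir" >&2
        return 2
    fi
    # At least one CA root is needed to verify the registry's server cert.
    cas=0
    for f in "$dir"/*.crt; do
        if [ -f "$f" ]; then cas=$((cas + 1)); fi
    done
    if [ "$cas" -eq 0 ]; then
        echo "no CA certificate (*.crt) in $dir" >&2
        rc=1
    fi
    # Every client certificate needs its key next to it.
    pairs=0
    for cert in "$dir"/*.cert; do
        if [ ! -f "$cert" ]; then continue; fi
        if [ -f "${cert%.cert}.key" ]; then
            pairs=$((pairs + 1))
        else
            echo "client cert without key: $cert" >&2
            rc=1
        fi
    done
    # A key with no *.cert usually means the client cert was saved as *.crt,
    # which Docker would load as a CA instead of presenting it.
    for key in "$dir"/*.key; do
        if [ -f "$key" ] && [ ! -f "${key%.key}.cert" ]; then
            echo "key without client cert (*.cert): $key" >&2
            rc=1
        fi
    done
    if [ "$pairs" -eq 0 ]; then
        echo "no client cert/key pair in $dir; mTLS will fail" >&2
        rc=1
    fi
    return "$rc"
}
```

Exit status 2 means the folder name does not match the endpoint; status 1 means the folder exists but its contents would not give Docker a usable CA and client pair.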