Follow this image relocation procedure if either of the following are true:
If you are installing Cloud Native Runtimes using image relocation with a registry that does not have a publicly-rooted certificate, you need to provision your cluster with a self-signed certificate. For information about provisioning a cluster with a self-signed certificate, see How to Set Up a Harbor Registry with Self-Signed Certificates for Tanzu Kubernetes Clusters.
In addition to the prerequsites listed above, you need the following prerequisites:
cnr_registry__serveris the URI of the registry.
cnr_registry__usernameis the username for the registry.
cnr_registry__passwordis the password to access the registry.
Note: The environment variables include two underscore symbols ( _ ).
To relocate the Cloud Native Runtimes image to a private registry:
Verify that imgpkg was installed. Run:
cloud-native-runtimes-1.1.x.lock file from the Cloud Native Runtimes release page.
Log in to your registry through Docker or, for other authentication options, such as environment variables, see the imgpkg documentation.
Push the bundle to a registry. Run:
imgpkg copy --lock cloud-native-runtimes-1.1.x.lock --to-repo LINK-TO-PRIVATE-REPO --lock-output LOCK-OUTPUT
LINK-TO-PRIVATE-REPOis the path to the private registry.
LOCK-OUTPUTis the name of your lock output file.
Note: If you do not have the certificates for your private registry, then add
--registry-verify-certs=falseto the command and to the command in step 4.
$ imgpkg copy –lock cloud-native-runtimes-1.1.0.lock –to-repo my.corp.registry/cnr –lock-output ./relocated.lock –registry-verify-certs=false
Pull your image. Run:
imgpkg pull --lock LOCK-OUTPUT -o ./cloud-native-runtimes
LOCK-OUTPUT is the name of your lock output file.
$ imgpkg pull –lock ./relocated.lock -o ./cloud-native-runtimes
Navigate to the
cloud-native-runtimes directory. Run:
install.sh file as executable by updating the install script permission. Run:
chmod +x ./bin/install.sh