Configuring Digital.ai Release Runner Registry Settings
When deploying the Digital.ai Release runner in an air-gapped network or working with private registries, you may need to configure custom registry settings to ensure proper image handling. In air-gapped networks, external registry URLs (like docker.io) are not accessible to fetch images for integration plugins. Similarly, when working with private registries, proper authentication and routing configurations are essential.
These registry settings only apply to plugin execution pods created by the Release Runner. The Runner installation itself, including its container images, is handled during the installation process using the xl kube install command.
The Digital.ai Release runner registry settings provide a flexible solution to these challenges by allowing you to:
- Redirect container image requests from public repositories to your internal registry
- Configure authentication for private registries using Kubernetes secrets
- Set up image mappings to maintain consistency across your deployment
- Ensure seamless operation of integration plugins in restricted network environments
This configuration allows you to map image URLs and specify credentials for accessing private registries, making it easier to manage container images in your specific environment. By configuring these registry settings, you ensure that integration plugin images are pulled from an internal repository, allowing the plugins to function seamlessly in an air-gapped network.
Creating a Digital.ai Release Runner Registry Settings Connection
-
Click Connections from the sidebar.
-
Click New Connection and select Digital.ai Release runner registry settings.
-
Provide a Title for the configuration.
-
Define Image Mappings and Registry Pull Secret Mappings as needed.
-
Click Save.
Configuring Image Mappings
Image mappings allow you to specify alternative registry locations for Docker images. You can use wildcards to match multiple image URLs.
To add image mappings:
- In the Image Mappings table, click the + button to add a new mapping.
- Type the Key, which represents the original image URL or a pattern (for example,
docker.io/digitalai/*). - Type the Value, which is the redirected internal image URL (for example,
internal-registry.local/digitalai/*). - Click Save.
Configuring Registry Pull Secret Mappings
If your internal registry requires authentication, you need to specify a mapping between image URLs and a Kubernetes SecretRef.
To add registry pull secret mappings:
- In the Registry Pull Secret Mappings table, click the + button.
- Type the Key, which represents the image URL requiring authentication.
- Type the Value, which is the SecretRef containing credentials for the registry.
- Click Save.
Understanding Kubernetes Secret References
Make sure to create the Kubernetes secret in the same namespace where your Digital.ai Release runner is deployed. Otherwise, the runner won't be able to access the credentials.
The SecretRef value refers to a Kubernetes secret that contains your registry credentials. Before configuring the registry pull secret mappings, you need to create this secret in your Kubernetes cluster.
To create a secret for registry authentication:
-
Create a Kubernetes secret using the
kubectl create secretcommand:# Example for illustrative purposes
kubectl create secret docker-registry my-registry-secret \
--docker-server=internal-registry.local \
--docker-username=<username> \
--docker-password=<password> \
--docker-email=<email> -
Make sure the secret is created in the same namespace where your Digital.ai Release runner is deployed.
The secret name (in this example, my-registry-secret) is what you'll use as the Value in your Registry Pull Secret Mappings.
Example Configuration - Image Mappings
| Key | Value |
|---|---|
docker.io/digitalai/* | internal-registry.local/digitalai/* |
Example Configuration - Registry Pull Secret Mappings
| Key | Value |
|---|---|
internal-registry.local/digitalai/* | my-registry-secret |
Here's an example of the mappings.
Configure the Runner to Use the Registry Settings
-
Select Settings (
) > Runners from the top navigation bar. -
Click the Actions ellipsis icon for the runner you want to configure and click Edit.
-
Select the registry setting that you want this runner to use from the Registry Settings drop-down list.
-
Click Save.