carbajgu
Mission Specialist
Mission Specialist
  • 2,651 Views

how to work with prefix in a container registry?

Hello all!

I ran a local registry container and configure a prefix for that. But I am not able to work with that. What am i doing wrong/ or missing?

 sudo podman run -d -p 5000:5000 --name tmpregistry docker.io/library/registry:latest

and configured:

tail -n 5 /etc/containers/registries.conf

[[registry]]
prefix = "tmpregistry.com"
location = "localhost:5000"
insecure = true

sudo systemctl restart podman

Test #1:

[carbajgu@hostone ~]$ curl localhost:5000/v2/_catalog
{"repositories":[]}
[carbajgu@hostone ~]$ curl http://localhost:5000/v2/_catalog
{"repositories":[]}

Test #2:

[carbajgu@hostone ~]$ curl tmpregistry.com/v2/_catalog
[carbajgu@hostone ~]$ curl http://tmpregistry.com/v2/_catalog
[carbajgu@hostone ~]$ curl http://tmpregistry.com:5000/v2/_catalog
^C

why this Test #2 is not working?

BR/

Labels (2)
11 Replies
  • 562 Views

Hello @carbajgu ,

In the registries.conf file there is only one registry whose location (that is, its address) is set to localhost:5000. That's where your local registry runs. Whenever the container/image library connects to a container registry with that location, it will look for its configuration and act accordingly. In this case, the registry is configured to be insecure, and TLS verification will be skipped. Podman and other container tools can now communicate with the local registry without connections being rejected.

A prefix is used to select a specific [registry] in registries.conf. They can be used to remap entire images. Similar to mirrors, we can use a prefix to pull from a different registry and a different namespace.

Let's consider that we are disconnected from the Internet and our workload is using images from Quay.io, Docker Hub, and Red Hat's container registry.

[[registry]]

prefix="quay.io"

location="internal.registry.mirror/quay"

[[registry]]

prefix="docker.io"

location="internal.registry.mirror/docker"

[[registry]]

prefix="registry.access.redhat.com"

location="internal.registry.mirror/redhat"

A podman pull quay.io/buildah/stable:latest will now pull from internal.registry.mirror/quay/buildah/stable:latest. However, the pulled image will still be quay.io/buildah/stable:latest as the remapping and replica occur transparently for Podman and other container tools.

In conclusion, the use of prefixes is useful for Podman commands but does not imply DNS resolution for curl.

Best regards.

 

0 Kudos
  • 549 Views

Test #2 is failing because curl doesn't know or care about your /etc/containers/registries.conf entry. The registries.conf is used by docker/podman command to resolve the registries.

So you need a DNS record for tmpregistry.com pointing to your machine, easiest way would be to add a line to your hosts file (/etc/hosts), eg.:

127.0.0.1 tmpregistry.com

Then your curl should work just fine

0 Kudos
Join the discussion
You must log in to join this conversation.