Container registries
The Platform Orchestrator’s “Registries” feature is deprecated and will be removed in a future version.
This page provides current guidance on handling registries without using that feature.
Overview
Container registries store and manage container images ready for use when they are needed in a deployment.
New images are pushed into a registry after they have been built. This is typically done via a CI pipeline as a result of changes applied by developers to a workload’s source repository. Upon deployment onto a Kubernetes cluster, the cluster then pulls required images out of a registry to spin up running containers. Both the CI pipeline and the Kubernetes clusters require access to your container registres.
The Humanitec Platform Orchestrator does not require access to your container registries. Its own deployment process results in Kubernetes manifests being created on clusters, but the actual image pull continues to be performed by the clusters themselves.
Creating imagePullSecrets via the Platform Orchestrator
You may still use the Platform Orchestrator to help automate container registry integration.
If you are using the Kubernetes-native way to Pull an Image from a Private Registry, you can automate the creation of imagePullSecrets for your deployments
Look at this example for a ready-to-use sample implementation.
Native cloud provider registry integration
Many cloud providers offer a native integration of their managed Kubernetes offerings with the corresponding container registry service. E.g.
- On AWS, see Using Amazon ECR Images with Amazon EKS
- On Azure, see Authenticate with Azure Container Registry (ACR) from Azure Kubernetes Service (AKS)
- On Google Cloud, see Deploying to Google Kubernetes Engine from an Artifact Registry
When using these or similar mechanisms, no further configuration via the Platform Orchestrator is required.