Z2JH Image Awaiter Authentication with Private OCI Registry

Hi,

I’m running Z2JH in an environment with a private registry outside the K8s cluster. I’m having difficulty customising the helm chart so that the image puller functionality can pull images from this private registry with TLS verification and authentication.

I have mounted the registry's CA cert required to the init containers (used for the hook-image-puller and continuous-image-puller daemonsets) as a volume via a configmap. This appears to have resolved the TLS verification issue.

However, I have not figured out how to authenticate. I have tried configuring the imagePullSecrets: option, but I suspect that because it’s not an issue of the pod pulling the container that will run inside the pod, but instead the container making the kubeapi call to pull the images happens inside the container itself, that I have to somehow pass in authentication values to the container itself and possibly make changes to the Go code.

Does anyone have any ideas for how to do this?

You can provide creds to pull in imagePullerSecret (no s at the end!), and then it's available by default to pull all pods started by z2jh chart.

See the configuration reference at z2jh.jupyter.org: Configuration Reference — Zero to JupyterHub with Kubernetes documentation

If you have creds set up in a k8s secret already, you can reference that via imagePullSecrets (with an s) instead.
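
The two approaches from the reply above, as an added values fragment that is not part of the original thread. It uses the chart's `imagePullSecret` and `imagePullSecrets` keys as named in the z2jh configuration reference; the registry host, account and secret names are placeholders.

```yaml
# values.yaml fragment for the Zero to JupyterHub (z2jh) Helm chart.
# Hostnames, usernames and secret names below are placeholders.
# Use option A or option B, not both.

# Option A: let the chart create the registry pull secret from credentials
# and reference it from the pods the chart starts.
imagePullSecret:
  create: true
  automaticReferenceInjection: true
  registry: registry.example.internal   # placeholder private registry
  username: jupyterhub-pull             # placeholder pull-only account
  password: ""                          # supply at deploy time from a values file kept out of version control

# Option B: reference a kubernetes.io/dockerconfigjson secret that already
# exists in the release namespace (created outside the chart).
# imagePullSecrets:
#   - name: private-registry-creds      # placeholder secret name
```

After `helm upgrade`, `kubectl get daemonset continuous-image-puller -o yaml` in the release namespace shows whether the secret name appears under `spec.template.spec.imagePullSecrets`.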