Is there a way to configure Nexus as a private registry for a GKE cluster?

9/26/2021

Our Docker images are pushed to Nexus, which is hosted on another GCP machine, and our k8s cluster is GKE.

Is there a way wherein we can configure Nexus as a private registry for the GKE cluster?

-- Sugatur Deekshith S N
docker
google-cloud-platform
google-kubernetes-engine
kubernetes
nexus

2 Answers

9/26/2021
-- CodeWizard
Source: StackOverflow

9/27/2021

Other users have tried to do this and there's a known issue:

Allow user to use 3rd party repository for GKE. Right now we got an x509 error
saying the certificate is signed by unknown authority, meaning Nexus cannot
trust a self-signed certificate from GKE. To overcome that, we need to import
the root CA certificate to GKE so both parties have the same root of trust, but we are stuck
because we can't import root CA to GKE master.

All the reproduction steps are documented in this public thread.

NOTE: This public thread is currently being handled as a Feature Request, which means that Google Cloud is working on this to include it in future GKE versions.

However, I have good news: there's a public guide that seems to provide a workaround to fix the known issue.

I hope this information helps you to get your nexus working as a private container registry.

-- Gabo Licea
Source: StackOverflow
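
The x509 "signed by unknown authority" failure quoted in the answer above can be reproduced and diagnosed offline with `openssl`. The following is an added example, not part of either answer or of the linked guide: it builds a throwaway root CA and a registry certificate, then reports whether the certificate is trusted by the default trust store or only once the private root CA is supplied. The hostname `nexus.example.internal`, the file names and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example. Every name, subject and path below is constructed test data.

# make_test_pki DIR: create a throwaway root CA and a registry leaf signed by it.
make_test_pki() {
    dir=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Constructed Test Root CA" \
        -keyout "$dir/ca.key" -out "$dir/ca.pem" 2>/dev/null &&
    openssl req -newkey rsa:2048 -nodes \
        -subj "/CN=nexus.example.internal" \
        -keyout "$dir/leaf.key" -out "$dir/leaf.csr" 2>/dev/null &&
    openssl x509 -req -in "$dir/leaf.csr" -days 1 \
        -CA "$dir/ca.pem" -CAkey "$dir/ca.key" -CAcreateserial \
        -out "$dir/leaf.pem" 2>/dev/null
}

# fetch_registry_cert HOST:PORT: print the PEM certificate a live registry
# presents (run this against your own Nexus endpoint; needs network access).
fetch_registry_cert() {
    openssl s_client -connect "$1" -servername "${1%:*}" </dev/null 2>/dev/null |
        openssl x509 -outform PEM
}

# cert_trusted LEAF [CAFILE]: succeed if LEAF chains to a trusted root.
# Without CAFILE only the machine's default trust store is consulted.
cert_trusted() {
    if [ -n "$2" ]; then
        openssl verify -CAfile "$2" "$1" >/dev/null 2>&1
    else
        openssl verify "$1" >/dev/null 2>&1
    fi
}

# trust_status LEAF [CAFILE]: classify why a pull would or would not
# pass certificate validation.
trust_status() {
    if cert_trusted "$1"; then
        echo "trusted-by-default-store"
    elif [ -n "$2" ] && cert_trusted "$1" "$2"; then
        echo "trusted-with-private-ca"    # root CA must be distributed to clients
    else
        echo "untrusted"                  # the "unknown authority" case
    fi
}
```

A result of `trusted-with-private-ca` means the certificate itself is sound and the remaining work is getting the root CA into the trust store of whatever component performs the pull.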