Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: fix 2 broken links #3211

Merged
merged 3 commits into from
Oct 27, 2022
Merged

fix: fix 2 broken links #3211

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
b174c64
fix: fix broken linkx
Jcahilltorre Oct 26, 2022
26e0b5a
fix: change links to relref
Jcahilltorre Oct 26, 2022
31c173b
Merge branch 'main' into DOCOPS-1493
tomasohaodha Oct 27, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 8 additions & 8 deletions docs/content/installation/using-the-jwt-token-docker-secret.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,32 +9,32 @@ docs: "DOCS-608"

This document explains how to use the NGINX Plus Ingress Controller image from the F5 Docker registry in your Kubernetes cluster by using your NGINX Ingress Controller subscription JWT token. **Please note that an NGINX Plus subscription certificate and key will not work with the F5 Docker registry.** You can also get the image using alternative methods:

* You can use Docker to pull an Ingress Controller image with NGINX Plus and push it to your private registry by following the instructions from [here](/nginx-ingress-controller/installation/pulling-ingress-controller-image).
* Please see [here](/nginx-ingress-controller/installation/building-ingress-controller-image) for information on how to build an Ingress Controller image using the source code from this repository and your NGINX Plus subscription certificate and key.
* You can use Docker to pull an Ingress Controller image with NGINX Plus and push it to your private registry by following the [Pulling the Ingress Controller Image]({{< relref "/installation/pulling-ingress-controller-image.md" >}}) documentation.
* Please see the [information on how to build an Ingress Controller image]({{< relref "/installation/building-ingress-controller-image.md" >}}) using the source code from this repository and your NGINX Plus subscription certificate and key.
* Note that for NGINX Ingress Controller based on NGINX OSS, we provide the image through [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/).

## Prerequisites

* For NGINX Ingress Controller, you must have the NGINX Ingress Controller subscription -- download the NGINX Plus Ingress Controller (per instance) JWT access token from [MyF5](https://myf5.com).
* To list the available image tags using the Docker registry API, you will also need to download the NGINX Plus Ingress Controller (per instance) certificate (`nginx-repo.crt`) and the key (`nginx-repo.key`) from [MyF5](https://myf5.com).
* For NGINX Ingress Controller, you must have the NGINX Ingress Controller subscription -- download the NGINX Plus Ingress Controller (per instance) JWT access token from [MyF5](https://my.f5.com).
* To list the available image tags using the Docker registry API, you will also need to download the NGINX Plus Ingress Controller (per instance) certificate (`nginx-repo.crt`) and the key (`nginx-repo.key`) from [MyF5](https://my.f5.com).

## Using the JWT token in a Docker Config Secret

1. Create a `docker-registry` secret on the cluster using the JWT token as the username, and `none` for password (password is unused). The name of the docker server is `private-registry.nginx.com`. Optionally namespace the secret.
1. Create a `docker-registry` secret on the cluster using the JWT token as the username and `none` for password (password is unused). The name of the docker server is `private-registry.nginx.com`. Optionally namespace the secret.

```
kubectl create secret docker-registry regcred --docker-server=private-registry.nginx.com --docker-username=<JWT Token> --docker-password=none [-n nginx-ingress]
```

2. Confirm the details of the created secret by running:

```
```bash
kubectl get secret regcred --output=yaml
```

3. This secret can now be added to a deployment spec, or to a service account to apply to all deployments for a given SA spec. See the official documentation [here](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) and [here](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account) for more details.
3. You can now add this secret to a deployment spec or to a service account to apply to all deployments for a given SA spec. See the [Create a Pod that uses your Secret](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) and [Add ImagePullSecrets to a service account](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account) documentation for more details.

4. Update the deployment spec with the chosen image path. Choose the image from the available images listed [here](/nginx-ingress-controller/technical-specifications/#images-with-nginx-plus).
4. Update the deployment spec with the chosen image path. Choose the image from the [available images]({{< relref "/technical-specifications.md#images-with-nginx-plus" >}}).

5. You can use the certificate and key from the MyF5 portal and the Docker registry API to list the available image tags for the repositories, e.g.:
```
Expand Down