Add a note about private registries unsupported

Private HTTPS container registries are not tested in TripleO. Describe available options if one is have to be used. Change-Id: If8a0c52b376fd429bd59b2b1a17ade9154726f3a Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2021-11-03 09:37:10 +01:00 · 2021-11-03 09:37:10 +01:00 · 0480052253
parent af504c5f4a
commit 0480052253
1 changed files with 9 additions and 1 deletions
--- a/deploy-guide/source/deployment/container_image_prepare.rst
+++ b/deploy-guide/source/deployment/container_image_prepare.rst
@ -12,7 +12,15 @@ Choosing an image registry strategy
 Container images need to be pulled from an image registry which is reliably
 available to overcloud nodes. The three common options to serve images are to
 use the default registry, the registry available on the undercloud, or an
-independently managed registry. During deployment the environment parameter
+independently managed registry.
+
+.. note:: Private SSL-enabled registries with a custom CA are not tested.
+   If you have to use one, the custom CA (certificate authority) that is needed
+   for the registry should be installed before deploying the overcloud. For
+   example, it can be injected into the overcloud image, or installed via first
+   boot scripts.
+
+During deployment the environment parameter
 `ContainerImagePrepare` is used to specify any desired behaviour, including:

 - Where to pull images from