OCI Registries
The wasmCloud host supports pulling images for components and providers from OCI (Open Container Initiative) registries.
Allowing Insecure Access to a Registry
By default wasmCloud will pull all images from a registry over HTTPS. If you need to pull images from a registry that does not have a valid certificate, you can allow wasmCloud to pull images from that registry by setting the WASMCLOUD_OCI_ALLOWED_INSECURE
environment variable. For example:
export WASMCLOUD_OCI_ALLOWED_INSECURE='myregistry.example.com'
wash up
You may also include multiple registries in a comma-separated list.
Configuring Access to a Private Registry
In production environments, it's common to pull artifacts from a private registry. wasmCloud hosts can configured to authenticate with a private registry using host configuration. For example, the following environment variables can be used to authenticate to the registry specified with the WASMCLOUD_OCI_REGISTRY
option:
export WASMCLOUD_OCI_REGISTRY_USER='myuser'
export WASMCLOUD_OCI_REGISTRY_PASSWORD='myp4$$w0rd'
wash up
Working with Multiple Registries
Sometimes it's necessary to pull artifacts from multiple private registries. In this case, a config service can be used to provide supplemental configuration, including credentials for multiple OCI registries.