Docker Images Distribution

There are two ways to get Docker images:

  1. By pulling the images from the Edifecs Docker Registry in Google Cloud Repository (GCR).
  2. By manually importing .tar images from the file system into your Kubernetes cluster.

Pull Images from GCR

This method is recommended for the production workload in multi-node environments. To gain access to the Edifecs Docker Registry, contact Edifecs Customer Support to get the necessary credentials (key.json).

As a result, you get an email with instructions that show how to:

  • authenticate in Edifecs Docker Registry in GCR,
  • pull Docker images from the registry,
  • create a Kubernetes secret to allow the Edifecs registry access from your Kubernetes cluster.

Follow the instructions in the email to pull images from GCR.

You have been granted access to Edifecs Docker Registry!

To pull Edifecs Docker images, please copy-paste the italicized text below into key.json and store the file in a secure location (previously issued credentials are now inactive):

{"auth_provider_x509_cert_url":"…"}

 

Sample usage (Linux):

1. User authentication using the key.json file from above:

cat key.json | docker login -u _json_key --password-stdin https://us.gcr.io

2. Pulling image:

docker pull us.gcr.io/edifecs/test-image:latest

3. Creating a Kubernetes secret for automated Docker registry access by pods:

a. Create a file, edifecs-registry-key.yml, with the following contents in a secure location:

apiVersion: v1

data:

.dockerconfigjson: eyJhdXRocyI6IHsidXMuZ2NyLmlvIjogeyJlb...

kind: Secret

metadata:

name: edifecs-registry-key

type: kubernetes.io/dockerconfigjson

b. Execute:

kubectl apply -f edifecs-registry-key.yml

c. You can delete the edifecs-registry-key.yml file

Manual Docker Images Import

Note This approach is not maintained anymore and will be deprecated soon.

This method suits testing and demonstration purposes if you do not have the necessary credentials to the Edifecs Docker Registry. It is strongly recommended that you do not use this method for production clusters in multi-node Kubernetes environments. Disable AlwaysPullImages for your Kubernetes cluster to bypass the Docker Registry image pulls.

The import procedure is as follows:

  1. Download Edifecs Docker images to your Kubernetes node. To get images files, contact Edifecs Customer Support. For example, your image files can be the following:

    • core_9.2.tar
    • ecl_9.2.17.tar
    • hipaa_9.2.14.tar
    • hl7_9.2.tar
    • ncpdp_9.2.tar
    • x12n_9.2.tar
    • xe_9.2.3.tar

    • xes-wo-jdk_9.2.3.tar

      You can override the JDK version in the Manifest in the main container (directly or via customization), as shown in the example below.

      image: adoptopenjdk/openjdk11:jdk-11.0.10_9-alpine

      imagePullPolicy: Always

  2. Load the images into the node's Docker cache by running the following command in your Linux prompt:

    for image in *.tar;
    do docker image load < $image;
    done

    This produces an output similar to the following:

    cb381a32b229: Loading layer 5.88MB/5.88MB
    ...
    Loaded image: us.gcr.io/edifecs/core:9.2
    ...