I have no idea if AKS questions can even be asked on here. If not, my apologies.
I have AKS set up. 3 nodes. I have a private Docker registry running in Artifactory on-prem. There is a VPN tunnel between Azure and on-prem.
I created a deployment to pull an image out of our private registry. Here is where the fun comes in. Corp Policy dictates that internal servers use certificates from our enterprise CA. So the cert on the Artifactory box is trusted by default by internal machines and any machine I can get the CA chain added as a trust… But the AKS nodes. Is there any way to provide the AKS nodes a custom Docker daemon config to see this as an insecure registry? Or a way to add our CA to the nodes?
So far I am not seeing any way to do anything to the AKS nodes short of getting off AKS and just doing Kubernetes straight on VMs in Azure.