Help Center/ Cloud Container Engine/ Drawer/ Configuration Reference/ Nodes/ kubelet/ Certificate Authentication Skipped Image Repository
Updated on 2024-10-26 GMT+08:00

Certificate Authentication Skipped Image Repository

When you specify image repositories, you can bypass security certificate-based authentication. This is typically done to connect to an insecure or self-signed image repository.

The image repository must be an IP address or a domain name, for example, ["example.com"].

Value Range

Up to 10 insecure repositories

Default Value

Empty value

Modifiable

Yes

Scope

Nodes that use containerd in CCE standard and CCE Turbo clusters

Suggestions

Only enable this option when using a self-signed certificate or when attempting to access a private image repository that cannot obtain an authorized certificate.

Possible Risks

  • Enabling this option may be a security risk because the container runtime does not verify the security of the connection.
  • Man-in-the-middle attacks may be possible, so using this configuration only in trusted environments.