search

sungsoo / sungsoo.github.io

Sung-Soo Kim's Blog
30 stars 8 forks source link

feat: Private Registry #26

Open sungsoo opened 2 years ago

sungsoo commented 2 years ago

feat: Docker Private Registry Setup

Article Source

Deployment

apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "1"
  generation: 1
  labels:
    run: kubeflow-registry
  name: kubeflow-registry
  namespace: default
spec:
  progressDeadlineSeconds: 600
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      run: kubeflow-registry
  strategy:
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        run: kubeflow-registry
    spec:
      containers:
      - image: registry:2
        imagePullPolicy: IfNotPresent
        name: kubeflow-registry
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /var/lib/registry
          name: registry-persistent-storage
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30
      volumes:
      - name: registry-persistent-storage
        persistentVolumeClaim:
          claimName: registry-pvc

Service

apiVersion: v1
kind: Service
metadata:
  labels:
    run: kubeflow-registry
  name: kubeflow-registry
  namespace: default
spec:
  ports:
  - name: registry
    port: 30000
    protocol: TCP
    targetPort: 5000
    nodePort: 30000
  selector:
    run: kubeflow-registry
  sessionAffinity: None
  type: NodePort

Persistent Volume Claim

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  annotations:
  name: registry-pvc
  namespace: default
spec:
  storageClassName: local-path
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
  volumeMode: Filesystem

hosts 파일 수정

192.168.19.134  kubeflow-registry.default.svc.cluster.local

insecure registry 옵션 추가

vi /etc/docker/daemon.json

  "insecure-registries": [
    "kubeflow-registry.default.svc.cluster.local:30000"
  ]
$ systemctl daemon-reload

$ systemctl restart docker

접속 테스트

$ curl kubeflow-registry.default.svc.cluster.local:30000/v2/_catalog

{"repositories":[""]}
sungsoo commented 1 year ago

Microk8s

You can simply activate private registry functionality via microk8s enable command.

╭─sungsoo@ubuntu ~ 
╰─$ microk8s enable registry