Kubernetes : Configure Private Registry2020/08/19

Configure Docker Private Registry to pull Docker images from self Private Registry.

This example is based on the environment like follows.

-----------+---------------------------+--------------------------+------------
           |                           |                          |
       eth0|10.0.0.30              eth0|10.0.0.51             eth0|10.0.0.52
+----------+-----------+   +-----------+----------+   +-----------+----------+
|   [ dlp.srv.world ]  |   | [ node01.srv.world ] |   | [ node02.srv.world ] |
|      Master Node     |   |      Worker Node     |   |      Worker Node     |
+----------------------+   +----------------------+   +----------------------+

[1]	On a Node you'd like to run Private Registry Pod, Configure Docker Registry with basic authentication, refer to here of [3]. On this example, Registry Pod is runing on Master Node. For HTTPS settings on Docker Registry, it's optional but if you uses HTTP conection, it needs to set [insecure-registries] on all Docker daemon.
[2]	Add Secret in Kubernetes.

# login to the Registry once with a user

root@dlp:~#

docker login dlp.srv.world:5000

Username:

ubuntu

Password:
Login Succeeded

# then following file is generated

root@dlp:~#

ll ~/.docker/config.json

-rw------- 1 root root 152 Aug 18 19:32 /root/.docker/config.json

# BASE64 encode of the file

root@dlp:~#

cat ~/.docker/config.json | base64

ewoJImF1dGhzIjogewoJCSJkbHAuc3J2.....

root@dlp:~#

vi regcred.yml

# create new

# specify contents of BASE64 encoding above with one line for [.dockerconfigjson] section

apiVersion: v1
kind: Secret
data:
  .dockerconfigjson: ewoJImF1dGhzIjogewoJ.....
metadata:
  name: regcred
type: kubernetes.io/dockerconfigjson

root@dlp:~#

kubectl create -f regcred.yml

secret "regcred" created
root@dlp:~#

kubectl get secrets

NAME                  TYPE                                  DATA   AGE
default-token-vp6d6   kubernetes.io/service-account-token   3      134m
regcred               kubernetes.io/dockerconfigjson        1      5s

[3]	To pull images from self Private Registry, Specify private image and Secret when deploying pods like follows.

root@dlp:~#

docker images dlp.srv.world:5000/nginx

REPOSITORY                 TAG                 IMAGE ID            CREATED             SIZE
dlp.srv.world:5000/nginx   my-registry         4bb46517cac3        4 days ago          133MB

root@dlp:~#

vi private-nginx.yml

apiVersion: v1
kind: Pod
metadata:
  name: private-nginx
spec:
  containers:
  - name: private-nginx
    # image on Private Registry
    image: dlp.srv.world:5000/nginx:my-registry
  imagePullSecrets:
  # Secret name you added
  - name: regcred

root@dlp:~#

kubectl create -f private-nginx.yml

pod "private-nginx" created

root@dlp:~#

kubectl get pods

NAME            READY   STATUS    RESTARTS   AGE
private-nginx   1/1     Running   0          96s

root@dlp:~#

kubectl describe pods private-nginx

Name:         private-nginx
Namespace:    default
Priority:     0
Node:         node01.srv.world/10.0.0.51
Start Time:   Tue, 18 Aug 2020 19:39:25 +0900
Labels:       <none>
Annotations:  <none>
Status:       Running
IP:           10.244.1.9
IPs:
  IP:  10.244.1.9
Containers:
  private-nginx:
    Container ID:   docker://585ed6fd3ff7c160e2c0ea7260c.....
    Image:          dlp.srv.world:5000/nginx:my-registry
    Image ID:       docker-pullable://dlp.srv.world:5000/nginx@sha256:179412.....
.....
.....

Matched Content