Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Docker registry on minikube
apiVersion: v1
kind: ReplicationController
metadata:
name: kube-registry-v0
namespace: kube-system
labels:
k8s-app: kube-registry
version: v0
spec:
replicas: 1
selector:
k8s-app: kube-registry
version: v0
template:
metadata:
labels:
k8s-app: kube-registry
version: v0
spec:
containers:
- name: registry
image: registry:2.5.1
resources:
# keep request = limit to keep this container in guaranteed class
limits:
cpu: 100m
memory: 100Mi
requests:
cpu: 100m
memory: 100Mi
env:
- name: REGISTRY_HTTP_ADDR
value: :5000
- name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY
value: /var/lib/registry
volumeMounts:
- name: image-store
mountPath: /var/lib/registry
ports:
- containerPort: 5000
name: registry
protocol: TCP
volumes:
- name: image-store
hostPath:
path: /data/registry/
---
apiVersion: v1
kind: Service
metadata:
name: kube-registry
namespace: kube-system
labels:
k8s-app: kube-registry
spec:
selector:
k8s-app: kube-registry
ports:
- name: registry
port: 5000
protocol: TCP
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: kube-registry-proxy
namespace: kube-system
labels:
k8s-app: kube-registry
kubernetes.io/cluster-service: "true"
version: v0.4
spec:
template:
metadata:
labels:
k8s-app: kube-registry
version: v0.4
spec:
containers:
- name: kube-registry-proxy
image: gcr.io/google_containers/kube-registry-proxy:0.4
resources:
limits:
cpu: 100m
memory: 50Mi
env:
- name: REGISTRY_HOST
value: kube-registry.kube-system.svc.cluster.local
- name: REGISTRY_PORT
value: "5000"
ports:
- name: registry
containerPort: 80
hostPort: 5000
@amichael7
Copy link

amichael7 commented Oct 6, 2019

Creating the kube-registry-proxy didn't work for me with Kubernetes version 1.16. I was able to get it working but I had to make two changes to the DaemonSet config:

1. change apiVersion: fixes Error: unable to recognize "kube-registry.yaml": no matches for kind "DaemonSet" in version "extensions/v1beta1"

apiVersion: apps/v1

2. add selector field: fixes Error: error validating "kube-registry.yaml": error validating data: ValidationError(DaemonSet.spec): missing required field "selector" in io.k8s.api.apps.v1.DaemonSetSpec; if you choose to ignore these errors, turn validation off with --validate=false

    selector:
      matchLabels:
        k8s-app: kube-registry
        version: v0.4

@dragan1979
Copy link

dragan1979 commented Jan 10, 2020

Correct yaml with changes by @amichael7:

apiVersion: v1
kind: ReplicationController
metadata:
  name: kube-registry-v0
  namespace: kube-system
  labels:
    k8s-app: kube-registry
    version: v0
spec:
  replicas: 1
  selector:
    k8s-app: kube-registry
    version: v0
  template:
    metadata:
      labels:
        k8s-app: kube-registry
        version: v0
    spec:
      containers:
      - name: registry
        image: registry:2.5.1
        resources:
          # keep request = limit to keep this container in guaranteed class
          limits:
            cpu: 100m
            memory: 100Mi
          requests:
            cpu: 100m
            memory: 100Mi
        env:
        - name: REGISTRY_HTTP_ADDR
          value: :5000
        - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY
          value: /var/lib/registry
        volumeMounts:
        - name: image-store
          mountPath: /var/lib/registry
        ports:
        - containerPort: 5000
          name: registry
          protocol: TCP
      volumes:
      - name: image-store
        hostPath:
          path: /data/registry/

---

apiVersion: v1
kind: Service
metadata:
  name: kube-registry
  namespace: kube-system
  labels:
    k8s-app: kube-registry
spec:
  selector:
    k8s-app: kube-registry
  ports:
  - name: registry
    port: 5000
    protocol: TCP

---

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: kube-registry-proxy
  namespace: kube-system
  labels:
    k8s-app: kube-registry
    kubernetes.io/cluster-service: "true"
    version: v0.4
spec:
  selector:
   matchLabels:
    k8s-app: kube-registry
    version: v0.4
  template:
    metadata:
      labels:
        k8s-app: kube-registry
        version: v0.4
        
    spec:
    
      containers:
      - name: kube-registry-proxy
        image: gcr.io/google_containers/kube-registry-proxy:0.4
        resources:
          limits:
            cpu: 100m
            memory: 50Mi
            
        env:
        - name: REGISTRY_HOST
          value: kube-registry.kube-system.svc.cluster.local
        - name: REGISTRY_PORT
          value: "5000"
        ports:
        - name: registry
          containerPort: 80
          hostPort: 5000

@weshouman
Copy link

weshouman commented Feb 11, 2020

  • Allow the registry to run in a multi node cluster without failing with a chance of (n-1/n) % where n:=num_of nodes due to 502 bad gateway, as described in this issue
  • Adding an always pulling policy
apiVersion: v1
kind: ReplicationController
metadata:
  name: kube-registry-v0
  namespace: kube-system
  labels:
    k8s-app: kube-registry
    version: v0
spec:
  replicas: 1
  selector:
    k8s-app: kube-registry
    version: v0
  template:
    metadata:
      labels:
        k8s-app: kube-registry
        version: v0
    spec:
      containers:
      - name: registry
        image: registry:2.5.1
        imagePullPolicy: Always
        resources:
          # keep request = limit to keep this container in guaranteed class
          limits:
            cpu: 100m
            memory: 100Mi
          requests:
            cpu: 100m
            memory: 100Mi
        env:
        - name: REGISTRY_HTTP_ADDR
          value: :5000
        - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY
          value: /var/lib/registry
        volumeMounts:
        - name: image-store
          mountPath: /var/lib/registry
        ports:
        - containerPort: 5000
          name: registry
          protocol: TCP
      volumes:
      - name: image-store
        hostPath:
          path: /data/registry/

---

apiVersion: v1
kind: Service
metadata:
  name: kube-registry
  namespace: kube-system
  labels:
    k8s-app: kube-registry
spec:
  selector:
    k8s-app: kube-registry
  ports:
  - name: registry
    port: 5000
    protocol: TCP

---

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: kube-registry-proxy
  namespace: kube-system
  labels:
    k8s-app: kube-registry-proxy
    kubernetes.io/cluster-service: "true"
    version: v0.4
spec:
  selector:
    matchLabels:
      k8s-app: kube-registry-proxy
      version: v0.4
  template:
    metadata:
      labels:
        k8s-app: kube-registry-proxy
        version: v0.4
    spec:
      containers:
      - name: kube-registry-proxy
        image: gcr.io/google_containers/kube-registry-proxy:0.4
        imagePullPolicy: Always
        resources:
          limits:
            cpu: 100m
            memory: 50Mi
        env:
        - name: REGISTRY_HOST
          value: kube-registry.kube-system.svc.cluster.local
        - name: REGISTRY_PORT
          value: "5000"
        ports:
        - name: registry
          containerPort: 80
          hostPort: 5000

@johndiego
Copy link

johndiego commented Sep 24, 2020

how i can used this for my images?

@aissar
Copy link

aissar commented Nov 10, 2020

how i can used this for my images?

@johndiego If I understand your questions correctly, you want to know how to push images from your host machine to the docker registry running within minikube. If yes, you can follow these simple steps:

Step 1: Expose the minikube registry port to your host machine

Please refer to this this link for detailed instructions.

https://hasura.io/blog/sharing-a-local-registry-for-minikube-37c7240d0615/

Step 2: Tag image on host machine

docker tag docker/whalesay localhost:5000/whalesay

Step 3: Push image from host to minikube registry

docker push localhost:5000/whalesay

@dennislabajo
Copy link

dennislabajo commented Jan 25, 2022

Hello - I'm getting a connection refused error, not sure what's causing it.

My setup:

MacOS with docker desktop, created kubernetes cluster with 3 nodes:

╰─ kubectl get nodes
NAME           STATUS   ROLES                  AGE     VERSION
minikube       Ready    control-plane,master   10m     v1.23.1
minikube-m02   Ready    <none>                 10m     v1.23.1
minikube-m03   Ready    <none>                 9m35s   v1.23.1

I added localhost:5000 as an insecure registry in docker desktop's "Docker Engine" setting; not sure if this matters but I've tried both with and without:

"insecure-registries": [
    "127.0.0.1:5000"
  ],

Steps:

1. Setup the registry

kubectl create -f kube-registry.yaml

2. Created a port-forward:

kubectl port-forward --namespace kube-system \
$(kubectl get po -n kube-system | grep kube-registry-v0 | \awk '{print $1;}') 5000:5000

3. Built docker image of a sample app and tagged it:

╰─ docker image ls | grep node
127.0.0.1:5000/node-redis-mongo-app   latest    bb331bf61bc4   33 hours ago   954MB
node-redis-mongo-app                  latest    bb331bf61bc4   33 hours ago   954MB

4. Attempted to push image to registry but ended up with the error:

╰─ docker push 127.0.0.1:5000/node-redis-mongo-app
Using default tag: latest
The push refers to repository [127.0.0.1:5000/node-redis-mongo-app]
Get "http://127.0.0.1:5000/v2/": dial tcp 127.0.0.1:5000: connect: connection refused

5. I can curl the registry just fine:

╰─ curl 127.0.0.1:5000
Handling connection for 5000

Any ideas?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment