Created
May 10, 2017 14:31
-
-
Save dmage/7f6f7f0b0b6a7432af0c7878ef25ca46 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
### cleanup | |
oc cluster down | |
rm -rf ./secrets | |
### end of cleanup | |
oc cluster up --version=latest --skip-registry-check=true | |
oc login -u system:admin | |
oc project default | |
oc get svc/docker-registry | |
MASTERDIR=/var/lib/origin/openshift.local.config/master | |
sudo $(which oadm) ca create-server-cert \ | |
--signer-cert=$MASTERDIR/ca.crt \ | |
--signer-key=$MASTERDIR/ca.key \ | |
--signer-serial=$MASTERDIR/ca.serial.txt \ | |
--hostnames='registry.127.0.0.1.nip.io,docker-registry.default.svc.cluster.local,172.30.1.1' \ | |
--cert=./secrets/registry.crt \ | |
--key=./secrets/registry.key | |
sudo chown -R $(whoami) ./secrets/ | |
oc secrets new registry-secret ./secrets/registry.crt ./secrets/registry.key | |
oc secrets link registry registry-secret | |
oc secrets link default registry-secret | |
oc volume dc/docker-registry --add --type=secret \ | |
--secret-name=registry-secret -m /etc/secrets | |
oc set env dc/docker-registry \ | |
REGISTRY_HTTP_TLS_CERTIFICATE=/etc/secrets/registry.crt \ | |
REGISTRY_HTTP_TLS_KEY=/etc/secrets/registry.key | |
oc patch dc/docker-registry -p '{"spec": {"template": {"spec": {"containers":[{ | |
"name":"registry", | |
"livenessProbe": {"httpGet": {"scheme":"HTTPS"}} | |
}]}}}}' | |
oc patch dc/docker-registry -p '{"spec": {"template": {"spec": {"containers":[{ | |
"name":"registry", | |
"readinessProbe": {"httpGet": {"scheme":"HTTPS"}} | |
}]}}}}' | |
oc create route passthrough --service=docker-registry --hostname=registry.127.0.0.1.nip.io | |
sudo mkdir -p /etc/docker/certs.d/registry.127.0.0.1.nip.io | |
sudo cp $MASTERDIR/ca.crt /etc/docker/certs.d/registry.127.0.0.1.nip.io | |
oc rollout status -w dc/docker-registry | |
oc rollout status -w dc/router | |
oc login -u developer | |
oc project myproject | |
docker login --username `oc whoami` --password `oc whoami -t` registry.127.0.0.1.nip.io | |
docker pull busybox | |
docker tag busybox registry.127.0.0.1.nip.io/myproject/busybox | |
docker push registry.127.0.0.1.nip.io/myproject/busybox |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment