Private Registry Installation with Helm
Kubernetes 1.19+
Helm 3.2.0+
helm repo add stable https://charts.helm.sh/stable
helm repo update stable
apt install apache2-utils
htpasswd -c ./docker-registry-htpasswd gedge
Install (Private Registry)
cat <<EOF > registry-values.yaml
persistence:
enabled: true
size: 50Gi
ingress:
enabled: false
#annotations:
# kubernetes.io/ingress.class: nginx
# nginx.ingress.kubernetes.io/ssl-redirect: "false"
#hosts:
# - <registry-url>
secrets:
htpasswd: docker-registry-htpasswd
EOF
helm install registry stable/docker-registry \
--create-namespace \
--namespace registry \
-f registry-values.yaml
kubectl patch svc registry-docker-registry -n registry --type='json' -p '[{"op":"replace","path":"/spec/type","value":"NodePort"},{"op":"replace","path":"/spec/ports/0/nodePort","value":32222}]'
Option (Containerd Skip Verity)
# cat /etc/containerd/config.toml
# ...
[plugins."io.containerd.grpc.v1.cri".registry]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
endpoint = ["https://registry-1.docker.io"]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."10.254.1.2:5000"]
endpoint = ["http://10.254.1.2:5000"]
[plugins."io.containerd.grpc.v1.cri".registry.configs]
[plugins."io.containerd.grpc.v1.cri".registry.configs."10.254.1.2:5000".tls]
insecure_skip_verify = true
# ...
$ sudo systemctl restart containerd