Docker minikube 中使用 docker 驱动程序的本地私有注册表
Docker local private registry in minikube using the docker driver
问题
如何在使用 docker 驱动程序的同时 运行 minikube 中的本地 Docker 私有注册表? (--driver=docker)
问题
将图像推送到私有注册表时连接被拒绝
docker push docker-registry.kubemaster.me/docker-cats:latest
# Results
The push refers to repository [docker-registry.kubemaster.me/docker-cats]
Get http://docker-registry.kubemaster.me/v2/: dial tcp 127.0.0.1:80: connect: connection refused
我的设置
Minikube 在 Windows WSL2 上使用 minikube's docker driver。
minikube start --driver=docker --kubernetes-version=v1.20.2
我已经为 TLS 证书部署了 nginx-ingress-controller which listens on ports 80 and 443. The application is available via both HTTP and HTTPS (using cert-manager)。当然,我将 127.0.0.1 docker-registry.kubemaster.me 添加到我的 C:\Windows\System32\drivers\etc\hosts 文件中。
注意:我在后台 运行ning minikube tunnel,这就是为什么可以通过主机与整个集群通信的原因nginx-ingress-controller.
正在访问本地注册表
来自 Windows 主机
来自 WSL2 Ubuntu 客户机。
curl http://docker-registry.kubemaster.me/v2/_catalog
来自 minikube 的 docker 容器
docker exec -it minikube bash
root@minikube:/$ curl http://docker-registry.kubemaster.me/v2/_catalog
从 minikube 的 docker 容器推送
docker exec -it minikube bash
root@minikube:/$ docker push docker-registry.kubemaster.me/docker-cats
Using default tag: latest
The push refers to repository [docker-registry.kubemaster.me/docker-cats]
346be19f13b0: Layer already exists
935f303ebf75: Layer already exists
0e64bafdc7ee: Pushed
latest: digest:
sha256:5403064f94b617f7975a19ba4d1a1299fd584397f6ee4393d0e16744ed11aab1 size: 943
YAML - 部署、服务和入口
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
k8s-app: docker-registry
name: docker-registry
namespace: kube-system
spec:
replicas: 1
selector:
matchLabels:
k8s-app: docker-registry
template:
metadata:
labels:
k8s-app: docker-registry
spec:
containers:
- image: registry:2
imagePullPolicy: Always
name: docker-registry
env:
- name: REGISTRY_HTTP_SECRET
value: "some-secret"
- name: REGISTRY_HTTP_ADDR
value: "0.0.0.0:80"
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
resources:
limits:
memory: 400Mi
cpu: "200m"
requests:
memory: 200Mi
cpu: 100m
---
apiVersion: v1
kind: Service
metadata:
labels:
k8s-app: docker-registry
name: docker-registry
namespace: kube-system
spec:
type: LoadBalancer
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
selector:
k8s-app: docker-registry
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: docker-registry
namespace: kube-system
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: 2000m # support large images
spec:
ingressClassName: nginx
rules:
- host: docker-registry.kubemaster.me
http:
paths:
- path: /
pathType: Prefix
backend:
serviceName: docker-registry
servicePort: 80
P.S- 我为开发目的部署本地 Kubernetes 集群的设置 - https://github.com/unfor19/kubernetes-localdev
放弃了这个想法,相反,我通过执行
使用 minikube 的 Docker 守护进程
eval $(minikube docker-env)
问题
如何在使用 docker 驱动程序的同时 运行 minikube 中的本地 Docker 私有注册表? (--driver=docker)
问题
将图像推送到私有注册表时连接被拒绝
docker push docker-registry.kubemaster.me/docker-cats:latest
# Results
The push refers to repository [docker-registry.kubemaster.me/docker-cats]
Get http://docker-registry.kubemaster.me/v2/: dial tcp 127.0.0.1:80: connect: connection refused
我的设置
Minikube 在 Windows WSL2 上使用 minikube's docker driver。
minikube start --driver=docker --kubernetes-version=v1.20.2
我已经为 TLS 证书部署了 nginx-ingress-controller which listens on ports 80 and 443. The application is available via both HTTP and HTTPS (using cert-manager)。当然,我将 127.0.0.1 docker-registry.kubemaster.me 添加到我的 C:\Windows\System32\drivers\etc\hosts 文件中。
注意:我在后台 运行ning minikube tunnel,这就是为什么可以通过主机与整个集群通信的原因nginx-ingress-controller.
正在访问本地注册表
来自 Windows 主机
来自 WSL2 Ubuntu 客户机。
curl http://docker-registry.kubemaster.me/v2/_catalog来自 minikube 的 docker 容器
docker exec -it minikube bash root@minikube:/$ curl http://docker-registry.kubemaster.me/v2/_catalog从 minikube 的 docker 容器推送
docker exec -it minikube bash root@minikube:/$ docker push docker-registry.kubemaster.me/docker-cats Using default tag: latest The push refers to repository [docker-registry.kubemaster.me/docker-cats] 346be19f13b0: Layer already exists 935f303ebf75: Layer already exists 0e64bafdc7ee: Pushed latest: digest: sha256:5403064f94b617f7975a19ba4d1a1299fd584397f6ee4393d0e16744ed11aab1 size: 943
YAML - 部署、服务和入口
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
k8s-app: docker-registry
name: docker-registry
namespace: kube-system
spec:
replicas: 1
selector:
matchLabels:
k8s-app: docker-registry
template:
metadata:
labels:
k8s-app: docker-registry
spec:
containers:
- image: registry:2
imagePullPolicy: Always
name: docker-registry
env:
- name: REGISTRY_HTTP_SECRET
value: "some-secret"
- name: REGISTRY_HTTP_ADDR
value: "0.0.0.0:80"
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
resources:
limits:
memory: 400Mi
cpu: "200m"
requests:
memory: 200Mi
cpu: 100m
---
apiVersion: v1
kind: Service
metadata:
labels:
k8s-app: docker-registry
name: docker-registry
namespace: kube-system
spec:
type: LoadBalancer
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
selector:
k8s-app: docker-registry
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: docker-registry
namespace: kube-system
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: 2000m # support large images
spec:
ingressClassName: nginx
rules:
- host: docker-registry.kubemaster.me
http:
paths:
- path: /
pathType: Prefix
backend:
serviceName: docker-registry
servicePort: 80
P.S- 我为开发目的部署本地 Kubernetes 集群的设置 - https://github.com/unfor19/kubernetes-localdev
放弃了这个想法,相反,我通过执行
使用 minikube 的 Docker 守护进程eval $(minikube docker-env)