Kubernetes : Use Private Registry2019/08/26 |
Use Docker Private Registry to pull Docker images from self Private Registry.
This example is based on the environment like follows.
-----------+---------------------------+--------------------------+------------ | | | eth0|10.0.0.30 eth0|10.0.0.51 eth0|10.0.0.52 +----------+-----------+ +-----------+----------+ +-----------+----------+ | [ dlp.srv.world ] | | [ node01.srv.world ] | | [ node02.srv.world ] | | Master Node | | Worker Node | | Worker Node | +----------------------+ +----------------------+ +----------------------+ |
[1] |
On the Node you'd like to run Private Registry Pod,
Run Docker Registry with authentication, refer to here of [1]-[4].
On this example, Registry Pod is runing on Master Node. |
[2] | Add Secret in Kubernetes. |
# login to the Registry once root@dlp:~# docker login dlp.srv.world:5000 Username: admin Password: Login Succeeded # then following file is generated root@dlp:~# ll ~/.docker/config.json -rw------- 1 root root 152 Aug 26 13:42 /root/.docker/config.json # BASE64 encode of the file root@dlp:~# cat ~/.docker/config.json | base64 ewoJImF1dGhzIjogewoJCSJkb.....
root@dlp:~#
vi regcred.yml # create new # specify contents of BASE64 encoding above with one line for [.dockerconfigjson] section apiVersion: v1 kind: Secret data: .dockerconfigjson: ewoJImF1dGhzIjogewoJ..... metadata: name: regcred type: kubernetes.io/dockerconfigjson kubectl create -f regcred.yml secret "regcred" created root@dlp:~# kubectl get secrets NAME TYPE DATA AGE default-token-tmkxz kubernetes.io/service-account-token 3 135m regcred kubernetes.io/dockerconfigjson 1 7s |
[3] | To pull images from self Private Registry, Specify private image and Secret when deploying pods like follows. |
root@dlp:~# docker images dlp.srv.world:5000/nginx REPOSITORY TAG IMAGE ID CREATED SIZE dlp.srv.world:5000/nginx latest 5a3221f0137b 10 days ago 126MB
root@dlp:~#
vi private-nginx.yml apiVersion: v1 kind: Pod metadata: name: private-nginx spec: containers: - name: private-nginx # image on Private Registry image: dlp.srv.world:5000/nginx imagePullSecrets: # Secret name you added - name: regcred
root@dlp:~#
root@dlp:~# kubectl create -f private-nginx.yml pod "private-nginx" created kubectl get pods NAME READY STATUS RESTARTS AGE private-nginx 1/1 Running 0 6sroot@dlp:~# kubectl describe pods private-nginx Name: private-nginx Namespace: default Priority: 0 Node: node02.srv.world/10.0.0.52 Start Time: Mon, 26 Aug 2019 13:46:41 +0900 Labels: <none> Annotations: <none> Status: Running IP: 10.244.2.6 Containers: private-nginx: Container ID: docker://91cb9af6c062e34fee66f0c1dbbdec41d934b5cf18e0db0b47837a26bbcba52f Image: dlp.srv.world:5000/nginx ..... ..... Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 42s default-scheduler Successfully assigned default/private-nginx to node02.srv.world Normal Pulling 41s kubelet, node02.srv.world Pulling image "dlp.srv.world:5000/nginx" Normal Pulled 41s kubelet, node02.srv.world Successfully pulled image "dlp.srv.world:5000/nginx" Normal Created 41s kubelet, node02.srv.world Created container private-nginx Normal Started 40s kubelet, node02.srv.world Started container private-nginx |
Sponsored Link |
|