Kubernetes : Use Private Registry2018/10/22 |
Use Docker Private Registry to pull Docker images from self Private Registry.
This example is based on the environment like follows.
-----------+---------------------------+--------------------------+------------ | | | eth0|10.0.0.30 eth0|10.0.0.51 eth0|10.0.0.52 +----------+-----------+ +-----------+----------+ +-----------+----------+ | [ dlp.srv.world ] | | [ node01.srv.world ] | | [ node02.srv.world ] | | Master Node | | Worker Node | | Worker Node | +----------------------+ +----------------------+ +----------------------+ |
[1] |
On the Node you'd like to run Private Registry Pod,
Run Docker Registry with authentication, refer to here of [1]-[4].
On this example, Registry Pod is runing on Master Node. |
[2] | Add Secret in Kubernetes. |
# login to the Registry once root@dlp:~# docker login dlp.srv.world:5000 Username: admin Password: Login Succeeded # then following file is generated root@dlp:~# ll ~/.docker/config.json -rw------- 1 root root 155 Oct 22 15:47 /root/.docker/config.json # BASE64 encode of the file root@dlp:~# cat ~/.docker/config.json | base64 ewoJImF1dGhzIjogewoJCSJkbHAuc3J2.....
root@dlp:~#
vi regcred.yml # create new # specify contents of BASE64 encoding above with one line for [.dockerconfigjson] section apiVersion: v1 kind: Secret data: .dockerconfigjson: ewoJImF1dGhzIjogewoJ..... metadata: name: regcred type: kubernetes.io/dockerconfigjson kubectl create -f regcred.yml secret "regcred" created root@dlp:~# kubectl get secrets NAME TYPE DATA AGE default-token-xmw6s kubernetes.io/service-account-token 3 77m regcred kubernetes.io/dockerconfigjson 1 4s |
[3] | To pull images from self Private Registry, Specify private image and Secret when deploying pods like follows. |
root@dlp:~# docker images dlp.srv.world:5000/nginx REPOSITORY TAG IMAGE ID CREATED SIZE dlp.srv.world:5000/nginx latest dbfc48660aeb 6 days ago 109MB
root@dlp:~#
vi private-nginx.yml apiVersion: v1 kind: Pod metadata: name: private-nginx spec: containers: - name: private-nginx # image on Private Registry image: dlp.srv.world:5000/nginx imagePullSecrets: # Secret name you added - name: regcred
root@dlp:~#
root@dlp:~# kubectl create -f private-nginx.yml pod "private-nginx" created kubectl get pods NAME READY STATUS RESTARTS AGE private-nginx 1/1 Running 0 5sroot@dlp:~# kubectl describe pods private-nginx Name: private-nginx Namespace: default Priority: 0 PriorityClassName: <none> Node: node02.srv.world/10.0.0.52 Start Time: Mon, 22 Oct 2018 15:54:31 +0900 Labels: <none> Annotations: <none> Status: Running IP: 10.244.2.5 Containers: private-nginx: Container ID: docker://15236772cdfa400546ee4f9392f394b71a2419... Image: dlp.srv.world:5000/nginx Image ID: docker-pullable://dlp.srv.world:5000/nginx@sha2... ..... ..... Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 18s default-scheduler Successfully assigned default/private-nginx to node02.srv.world Normal Pulling 17s kubelet, node02.srv.world pulling image "dlp.srv.world:5000/nginx" Normal Pulled 17s kubelet, node02.srv.world Successfully pulled image "dlp.srv.world:5000/nginx" Normal Created 17s kubelet, node02.srv.world Created container Normal Started 17s kubelet, node02.srv.world Started container |
Sponsored Link |
|