共计 1898 个字符,预计需要花费 5 分钟才能阅读完成。
1. 搭建测试环境
mkdir test && cd test && mkdir registry
# 默认账号密码 admin admin
docker run -it --rm --entrypoint htpasswd registry:2.7.0 -Bbn admin admin > htpasswd
docker run -itd -p 5000:5000 --restart=always --name registry \
-v pwd
/registry:/var/lib/registry \
-v pwd
/htpasswd:/auth/htpasswd \
-e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" registry:2.7.0
2. 设置 containerd 配置文件
vim /etc/containerd/config.toml
containerd 配置
[plugins."io.containerd.grpc.v1.cri".registry]
# config_path = "/etc/containerd/certs.d" 不能和下面配置文件同时存在
[plugins."io.containerd.grpc.v1.cri".registry.auths]
[plugins."io.containerd.grpc.v1.cri".registry.configs]
[plugins."io.containerd.grpc.v1.cri".registry.configs."10.130.59.18:5000".auth]
username = "admin"
password = "admin"
[plugins."io.containerd.grpc.v1.cri".registry.headers]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."test-registry.study-k8s.com"]
endpoint = ["http://10.130.59.18:5000"]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."10.130.59.18:5000"]
endpoint = ["http://10.130.59.18:5000"]
3. docker 登录仓库,推送镜像
docker login -u admin 10.130.59.18:5000
# 输入密码 admin
# 10.130.59.18 是内网IP
docker pull alpine:3.12
docker tag alpine:3.12 10.130.59.18:5000/library/alpine:3.12
docker push 10.130.59.18:5000/library/alpine:3.12
echo "10.130.59.18 test-registry.study-k8s.com" >> /etc/hosts
4. k8s 验证
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-deployment
namespace: default
spec:
replicas: 1
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- command:
- sh
- -c
- sleep 99999
image: test-registry.study-k8s.com/library/alpine:3.12
imagePullPolicy: IfNotPresent
name: alpine-container1
- command:
- sh
- -c
- sleep 99999
image: 10.130.59.18:5000/library/alpine:3.12
imagePullPolicy: IfNotPresent
name: alpine-container2
5. 参考
正文完