GithubHelp home page GithubHelp logo

doytsujin / docker-registry-mirror Goto Github PK

View Code? Open in Web Editor NEW

This project forked from t83714/docker-registry-mirror

0.0 1.0 0.0 106 KB

Helm chart for a Docker registry. Successor to stable/docker-registry chart.

License: Apache License 2.0

HTML 100.00%

docker-registry-mirror's Introduction

Docker Registry Mirror Helm Chart

This directory contains a Kubernetes chart to deploy a private Docker Registry Mirror that will run the registry as a "pull through cache" and cache the requests to Docker hub. Please note, you cannot push to the docker registry when it works under "pull through cache" mode.

Since November 20, 2020, Anonymous and Free Docker Hub users are limited to 100 and 200 container image pull requests per six hours. To mitigate the impact of this limit, this Helm chart allows you to deploy a Docker Registry as registry mirror that can be used to cache pull request to docker hub.

Forked from https://github.com/twuni/docker-registry.helm

This Helm chart uses official Docker Registry image: https://hub.docker.com/_/registry/

Prerequisites Details

  • PV support on underlying infrastructure (if persistence is required)

Chart Details

This chart will do the following:

  • Implement a Docker registry deployment

Installing the Chart

First, add the repo:

$ helm repo add docker-registry-mirror https://t83714.github.io/docker-registry-mirror

To install the chart, use the following:

$ helm upgrade --install docker-registry-mirror docker-registry-mirror/docker-registry-mirror

Set username & password to remote registry (e.g. docker hub):

$ helm upgrade --install --set proxy.username=xxxx,proxy.password=xxx docker-registry-mirror docker-registry-mirror/docker-registry-mirror

Configure Minikube to use registry-mirror as Pull cache mirror

  1. Find nodePort allocated to the registry mirror:
kubectl get svc --all-namespaces --selector=app=docker-registry-mirror -oyaml | grep nodePort

This command will list the nodePort assign to your registry mirror service.

To verify the nodePort & registry mirror installation:

# Log into Minikube VM via SSH
minikube ssh
curl http://localhost:xxxxx/v2/_catalog

Here, xxxxx is the nodePort number we just find out via "kubectl" command.

We should see:

{"repositories":[]}
  1. Edit minikube configuration to use registry mirror

Open minikube configuration file: ~/.minikube/machines/minikube/config.json.

Under key HostOptions.EngineOptions, add or replace (if exists) key RegistryMirror as:

"RegistryMirror": [
    "http://localhost:xxxxx"
]

Here, xxxxx is the nodePort number we find out via "kubectl" command in step 1.

  1. Restart minikube
# Apply the config and restart minikube
minikube stop
minikube start

After restart, you should see docker pull requests appearing in docker registry mirror pod logs.

Configuration

The following table lists the configurable parameters of the docker-registry chart and their default values.

Parameter Description Default
proxy.remoteurl The url of the remote docker registry to be cached https://registry-1.docker.io
proxy.username Remote docker registry username (optional) nil
proxy.password Remote docker registry password (optional) nil
image.pullPolicy Container pull policy IfNotPresent
image.repository Container image to use registry
image.tag Container image tag to deploy 2.7.1
imagePullSecrets Specify image pull secrets nil (does not add image pull secrets to deployed pods)
persistence.accessMode Access mode to use for PVC ReadWriteOnce
persistence.enabled Whether to use a PVC for the Docker storage false
persistence.deleteEnabled Enable the deletion of image blobs and manifests by digest nil
persistence.size Amount of space to claim for PVC 10Gi
persistence.storageClass Storage Class to use for PVC -
persistence.existingClaim Name of an existing PVC to use for config nil
service.port TCP port on which the service is exposed 5000
service.type service type ClusterIP
service.clusterIP if service.type is ClusterIP and this is non-empty, sets the cluster IP of the service nil
service.nodePort if service.type is NodePort and this is non-empty, sets the node port of the service nil
service.loadBalancerIP if service.type is LoadBalancer and this is non-empty, sets the loadBalancerIP of the service nil
service.loadBalancerSourceRanges if service.type is LoadBalancer and this is non-empty, sets the loadBalancerSourceRanges of the service nil
service.sessionAffinity service session affinity nil
service.sessionAffinityConfig service session affinity config nil
replicaCount k8s replicas 1
updateStrategy update strategy for deployment {}
podAnnotations Annotations for pod {}
podLabels Labels for pod {}
podDisruptionBudget Pod disruption budget {}
resources.limits.cpu Container requested CPU nil
resources.limits.memory Container requested memory nil
priorityClassName priorityClassName ""
storage Storage system to use filesystem
tlsSecretName Name of secret for TLS certs nil
secrets.htpasswd Htpasswd authentication nil
secrets.s3.accessKey Access Key for S3 configuration nil
secrets.s3.secretKey Secret Key for S3 configuration nil
secrets.swift.username Username for Swift configuration nil
secrets.swift.password Password for Swift configuration nil
haSharedSecret Shared secret for Registry nil
configData Configuration hash for docker nil
s3.region S3 region nil
s3.regionEndpoint S3 region endpoint nil
s3.bucket S3 bucket name nil
s3.encrypt Store images in encrypted format nil
s3.secure Use HTTPS nil
swift.authurl Swift authurl nil
swift.container Swift container nil
nodeSelector node labels for pod assignment {}
affinity affinity settings {}
tolerations pod tolerations []
ingress.enabled If true, Ingress will be created false
ingress.annotations Ingress annotations {}
ingress.labels Ingress labels {}
ingress.path Ingress service path /
ingress.hosts Ingress hostnames []
ingress.tls Ingress TLS configuration (YAML) []
extraVolumeMounts Additional volumeMounts to the registry container []
extraVolumes Additional volumes to the pod []
extraVars Pass extra environment variables to the Docker Registry container nil

Specify each parameter using the --set key=value[,key=value] argument to helm install.

To generate htpasswd file, run this docker command: docker run --entrypoint htpasswd registry:2 -Bbn user password > ./htpasswd.

docker-registry-mirror's People

Contributors

canterberry avatar rkevin-arch avatar skaronator avatar t83714 avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.