Versions Compared

Old Version 2

changes.mady.by.user Joe Pearson

Saved on

compared with

New Version 3

changes.mady.by.user David Booz

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Either login as root or elevate to root with sudo -i

  2. The full hostname of your machine must contain at least two dots. Check the full hostname:

    hostname

  3. Install k3s:

    curl -sfL https://get.k3s.io | sh -

  4. Create the image registry service: <DAB> The formatting of these yaml files is incorrect. I think we should put these files into a source controlled repo, and create a script that performs these steps.</DAB>

    a. Create a file called k3s-persistent-claim.yml with this content

    apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: docker-registry-pvc
spec:
storageClassName: "local-path"
accessModes:
    - ReadWriteOnce
resources:
    requests:
    storage: 10Gi

    b. Create the persistent volume claim:

    kubectl apply -f k3s-persistent-claim.yml

    c. Verify that the persistent volume claim was created, and it is in “Pending” status

    kubectl get pvc

    d. Create a file called k3s-registry-deployment.yml with this content:

    apiVersion: apps/v1
kind: Deployment
metadata:
name: docker-registry
labels:
    app: docker-registry
spec:
replicas: 1
selector:
    matchLabels:
    app: docker-registry
template:
    metadata:
    labels:
        app: docker-registry
    spec:
    volumes:
    - name: registry-pvc-storage
        persistentVolumeClaim:
        claimName: docker-registry-pvc
    containers:
    - name: docker-registry
        image: registry
        ports:
        - containerPort: 5000
        volumeMounts:
        - name: registry-pvc-storage
        mountPath: /var/lib/registry
---
apiVersion: v1
kind: Service
metadata:
name: docker-registry-service
spec:
selector:
    app: docker-registry
type: NodePort
ports:
    - protocol: TCP
    port: 5000

    e. Create the registry deployment and service:

    kubectl apply -f k3s-registry-deployment.yml

    f. Verify that the docker-registry deployment and docker-registry-service service were created:

    kubectl get deployment
kubectl get service

    g. Define the registry endpoint:

    export REGISTRY_ENDPOINT=$(kubectl get service docker-registry-service | grep docker-registry-service | awk '{print $3;}'):5000
cat << EOF >> /etc/rancher/k3s/registries.yaml
mirrors:
"$REGISTRY_ENDPOINT":
    endpoint:
    - "http://$REGISTRY_ENDPOINT"
EOF

    h. Restart k3s to pick up the change to /etc/rancher/k3s/registries.yaml:

    systemctl restart k3s

  5. Install docker (if not already installed):

    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
apt-get install docker-ce docker-ce-cli containerd.io

  6. Install jq (if not already installed):

    apt-get install jq

  7. Define this registry to docker as an insecure registry:

    a. Run the following to define an insecure registry route using the value of the $REGISTRY_ENDPOINT environment variable obtained in the last step and append it to the /etc/docker/daemon.json file.

    echo "{
    \"insecure-registries\": [ \"$REGISTRY_ENDPOINT\" ]
}" >> /etc/docker/daemon.json

    b. Restart docker to pick up the change:

    systemctl restart docker

...