apiv1

Deploy (on server)

alias htpassgen='htpasswd -Bbn'
alias htpassgen='docker run --rm -i httpd:2 htpasswd -Bbn'
alias htpassgen='kubectl run --rm -i --image=httpd:2 --restart=Never -q htpasswd -- htpasswd -Bbn'
# 3 choose 1

# install ingres-nginx
kubectl apply -f https://apiv1.github.io/K8s/helm/ingress-nginx.yml # optional
# or
kubectl apply -f K8s/helm/ingress-nginx.yml

# install
kubectl apply -f https://apiv1.github.io/K8s/registry/deployment.yml # optional
# or
kubectl apply -f K8s/registry/deployment.yml

# set REGISTRY_USER, REGISTRY_PASSWORD
kubectl exec -it deploy/registry -- sh -c "echo '$(htpassgen $REGISTRY_USERNAME $REGISTRY_PASSWORD)' > /auth/htpasswd"
kubectl rollout restart deploy/registry

setting image.registry ip (on client)

sed -i "/.*#.*SETTING.*image\.registry.*/d" /etc/hosts
echo $IMAGE_REGISTRY_IP' image.registry # SETTING: image.registry' >> /etc/hosts

set image.registry as registry ip

daemon.json (for docker, on client)

{
  "insecure-registries": ["image.registry"],
  ...
}

registry secret (for k8s)

REGISTRY_SERVER=image.registry # default
kubectl delete secret image.registry.secret
kubectl create secret docker-registry image.registry.secret --docker-server=$REGISTRY_SERVER --docker-username=$REGISTRY_USERNAME --docker-password=$REGISTRY_PASSWORD

using secret

    spec:
      imagePullSecrets:
        - name: image.registry.secret

private-registry (for k3s server)

from https://docs.rancher.cn/docs/k3s/installation/private-registry/_index/

registries.yaml

mirrors:
  "image.registry":
    endpoint:
      - "http://image.registry"
configs:
  "image.registry":
    auth:
      username: $USERNAME
      password: $PASSWORD

registries-with-mirror.yaml

mirrors:
  "image.registry":
    endpoint:
      - "http://image.registry"
  "docker.io":
    endpoint:
      - "http://image.registry"
configs:
  "image.registry":
    auth:
      username: $USERNAME
      password: $PASSWORD