2.1 KiB
2.1 KiB
Catalog - Pricing and Availability
SQL
Docker
Create a Local Docker Registry with TLS
On one of the VMs (e.g oahu.chopark.home), set up a local Docker registry. Skip if a local registry already exists.
Prerequisite: Create a CA and a self-signed cert.
docker run -d --restart=always --name registry \
-v /opt/registry/certs:/certs \
-v /opt/registry/data:/var/lib/registry \
-e REGISTRY_HTTP_ADDR=0.0.0.0:443 \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/registry.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/registry.key \
-p 443:443 \
registry:2
Build a Docker Image
-
Create a
Dockerfile. Refer to theDockerfilein the root of this project. -
Then build the image.
# build an image
docker build -t catalog26 .
# verify the image
docker images | grep catalog26
# also try running it
docker run -d -p 5000:8080 -n catalog26 catalog26
- Tag for my registry.
docker tag catalog26 registry.chopark.home/catalog26
- Push to Registry
docker push registry.chopark.home/catalog26
Optional: If an https error is returned, make the following adjustments.
On Linux, edit /etc/docker/daemon.json:
{
"insecure-registries": ["registry.chopark.home"]
}
On Windows (Docker Desktop):
- Open Docker Desktop
- Go to Settings > Docker Engine
- Add to the JSON configuration
{
"insecure-registries": ["registry.chopark.home"]
}
Kubernetes
- Containerd (on all K8s nodes) for https connection problem
sudo tee /etc/containerd/certs.d/registry.chopark.home/hosts.toml <<EOF
server = "https://registry.chopark.home"
[host."https://registry.choparkhome"]
ca = "/usr/local/share/ca-certificates/regisry.chopark.home-ca.crt"
skip_verify = false
EOF
- Optional Image Pull - create crictl config
# Create crictl config
sudo tee /etc/crictl.yaml > /dev/null <<EOF
runtime-endpoint: unix:///run/containerd/containerd.sock
image-endpoint: unix:///run/containerd/containerd.sock
timeout: 10
EOF
# Test crictl
sudo crictl version
# Pull image
sudo crictl pull registry.chopark.home/catalog26