Learn how to set up a private Docker registry with a user-friendly UI! This guide walks you through deploying a Docker Registry 2.8.2 and the Joxit Docker Registry UI using Kubernetes, including necessary configurations for secure access and persistent storage.
Check out the GitHub repo for the Registry UI!
Download images
docker pull joxit/docker-registry-ui:main
docker pull registry:2.8.2
Write kubernetes yaml file
1、 registry-server.yaml
apiVersion: v1
kind: Service
metadata:
name: registry-server
spec:
type: NodePort
selector:
app: registry-server
ports:
- protocol: TCP
port: 5000
targetPort: 5000
nodePort: 31284
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: registry-server
spec:
replicas: 1
selector:
matchLabels:
app: registry-server
template:
metadata:
labels:
app: registry-server
spec:
containers:
- name: registry-server
image: registry:2.8.2
imagePullPolicy: IfNotPresent
ports:
- containerPort: 5000
env:
- name: REGISTRY_HTTP_HEADERS_Access-Control-Allow-Origin
value: "['*']"
- name: REGISTRY_HTTP_HEADERS_Access-Control-Allow-Methods
value: "[HEAD,GET,OPTIONS,DELETE]"
- name: REGISTRY_HTTP_HEADERS_Access-Control-Allow-Credentials
value: "[true]"
- name: REGISTRY_HTTP_HEADERS_Access-Control-Allow-Headers
value: "[Authorization,Accept,Cache-Control]"
- name: REGISTRY_HTTP_HEADERS_Access-Control-Expose-Headers
value: "[Docker-Content-Digest]"
- name: REGISTRY_STORAGE_DELETE_ENABLED
value: "true"
volumeMounts:
- name: nfs-registry-server
mountPath: /var/lib/registry
volumes:
- name: nfs-registry-server
persistentVolumeClaim:
claimName: registry-server-pvc
2、 registry-ui.yaml
apiVersion: v1
kind: Service
metadata:
name: registry-ui
spec:
type: NodePort
selector:
app: registry-ui
ports:
- protocol: TCP
port: 80
targetPort: 80
nodePort: 31285
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: registry-ui
spec:
replicas: 1
selector:
matchLabels:
app: registry-ui
template:
metadata:
labels:
app: registry-ui
spec:
containers:
- name: registry-ui
image: joxit/docker-registry-ui:main
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
env:
- name: SINGLE_REGISTRY
value: "true"
- name: REGISTRY_TITLE
value: Docker Registry UI
- name: DELETE_IMAGES
value: "true"
- name: SHOW_CONTENT_DIGEST
value: "true"
- name: NGINX_PROXY_PASS_URL
value: http://192.168.1.102:31284
- name: SHOW_CATALOG_NB_TAGS
value: "true"
- name: CATALOG_MIN_BRANCHES
value: "1"
- name: CATALOG_MAX_BRANCHES
value: "1"
- name: TAGLIST_PAGE_SIZE
value: "100"
- name: REGISTRY_SECURED
value: "false"
- name: CATALOG_ELEMENTS_LIMIT
value: "1000"
3、 registry-server-pv-pvc.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: registry-server-pv
labels:
type: registry-server
spec:
capacity:
storage: 300Gi
accessModes:
- ReadWriteMany
nfs:
server: 192.168.52.110
path: /run/media/MyThings/ServiceData/registry-server-data
persistentVolumeReclaimPolicy: Retain
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: registry-server-pvc
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 300Gi
selector:
matchLabels:
type: registry-server
Deploy Services
kubectl create -f registry-server-pv-pvc.yaml
kubectl create -f registry-server.yaml
kubectl create -f registry-ui.yaml
Configure Docker Daemon
1、 modify docker deamon.json file to allow http
vim /etc/docker/daemon.json
2、 restart docker.service to apply modification
sudo systemctl daemon-reload
sudo systemctl restart docker.service
3、 check docker succesfully added insecure registries
docker system info
