安裝 SUSE Private Registry on Kubeadm

# 安裝 SUSE Private Registry on Kubeadm ## 安裝 * 使用自己的帳號及密碼創建一個 secret ``` $ kubectl create ns suse-private-registry $ kubectl -n suse-private-registry create secret docker-registry suse-registry \ --docker-server=registry.suse.com --docker-username=<SUSE_REGISTRY_USERNAME> \ --docker-password=<SUSE_REGISTRY_PASSWORD> $ kubectl -n suse-private-registry get secret NAME TYPE DATA AGE suse-registry kubernetes.io/dockerconfigjson 1 2s ``` * 下載 chart，需先 login，同上 ``` $ helm registry login registry.suse.com $ helm pull oci://registry.suse.com/private-registry/private-registry-helm --version 1.0.0 --untar ``` * 編輯 values.yaml ``` $ mkdir suse-private-registry/ $ nano suse-private-registry/custom-values.yaml global: imagePullSecrets: - suse-registry expose: ingress: hosts: core: harbor.example.com annotations: nginx.ingress.kubernetes.io/force-ssl-redirect: "true" externalURL: https://harbor.example.com redis: internal: image: repository: private-registry/harbor-valkey harborAdminPassword: harbor12345 portal: replicas: 1 core: replicas: 1 jobservice: replicas: 1 registry: replicas: 1 persistence: persistentVolumeClaim: registry: storageClass: nfs-delete size: 300Gi jobservice: jobLog: storageClass: nfs-delete database: storageClass: nfs-delete redis: storageClass: nfs-delete trivy: storageClass: nfs-delete metrics: enabled: true #proxy: # httpProxy: "http://192.168.11.11:3128" # httpsProxy: "http://192.168.11.11:3128" # noProxy: "127.0.0.1,localhost,192.168.11.0/24" ``` ``` $ helm -n suse-private-registry install \ suse-private-registry ./suse-private-registry \ -f ./suse-private-registry/custom-values.yaml ``` * 檢查部署 ``` $ kubectl -n suse-private-registry get pod NAME READY STATUS RESTARTS AGE suse-private-registry-harbor-core-bf5d7f7bc-flnlk 1/1 Running 1 (64s ago) 2m26s suse-private-registry-harbor-database-0 1/1 Running 0 23m suse-private-registry-harbor-jobservice-69b7f565db-b58hj 1/1 Running 0 28s suse-private-registry-harbor-portal-5fb8b67c8c-7gt9z 1/1 Running 0 23m suse-private-registry-harbor-redis-0 1/1 Running 0 67s suse-private-registry-harbor-registry-76966b4fbc-r5tt4 2/2 Running 0 2m26s suse-private-registry-harbor-trivy-0 1/1 Running 0 23m ``` ## 登入 Harbor UI * 獲取 admin 帳號密碼 ``` $ kubectl get secret --namespace suse-private-registry suse-private-registry-harbor-core -o jsonpath="{.data.HARBOR_ADMIN_PASSWORD}" | base64 -d Harbor12345 ``` ![image](https://hackmd.io/_uploads/SkVJHQd5xg.png)