---
# System prepended metadata

title: 安裝 SUSE Private Registry on Kubeadm
tags: [rancher]

---

# 安裝 SUSE Private Registry on Kubeadm


## 安裝

* 使用自己的帳號及密碼創建一個 secret
```
$ kubectl create ns suse-private-registry

$ kubectl -n suse-private-registry create secret docker-registry suse-registry \
  --docker-server=registry.suse.com --docker-username=<SUSE_REGISTRY_USERNAME> \
  --docker-password=<SUSE_REGISTRY_PASSWORD>

$ kubectl -n suse-private-registry get secret
NAME            TYPE                             DATA   AGE
suse-registry   kubernetes.io/dockerconfigjson   1      2s
```

* 下載 chart，需先 login，同上
```
$ helm registry login registry.suse.com

$ helm pull oci://registry.suse.com/private-registry/private-registry-helm --version 1.0.0 --untar
```
* 編輯 values.yaml
```
$ mkdir suse-private-registry/

$ nano suse-private-registry/custom-values.yaml
global:
  imagePullSecrets:
  - suse-registry
expose:
  ingress:
    hosts:
      core: harbor.example.com
    annotations:
      nginx.ingress.kubernetes.io/force-ssl-redirect: "true"

externalURL: https://harbor.example.com

redis:
  internal:
    image:
      repository: private-registry/harbor-valkey

harborAdminPassword: harbor12345

portal:
  replicas: 1

core:
  replicas: 1

jobservice:
  replicas: 1

registry:
  replicas: 1

persistence:
  persistentVolumeClaim:
    registry:
      storageClass: nfs-delete
      size: 300Gi
    jobservice:
      jobLog:
        storageClass: nfs-delete
    database:
      storageClass: nfs-delete
    redis:
      storageClass: nfs-delete
    trivy:
      storageClass: nfs-delete

metrics:
  enabled: true

#proxy:
#  httpProxy: "http://192.168.11.11:3128"
#  httpsProxy: "http://192.168.11.11:3128"
#  noProxy: "127.0.0.1,localhost,192.168.11.0/24"
```


```
$ helm -n suse-private-registry install \
  suse-private-registry ./suse-private-registry \
  -f ./suse-private-registry/custom-values.yaml
```

* 檢查部署
```
$ kubectl -n suse-private-registry get pod
NAME                                                       READY   STATUS    RESTARTS      AGE
suse-private-registry-harbor-core-bf5d7f7bc-flnlk          1/1     Running   1 (64s ago)   2m26s
suse-private-registry-harbor-database-0                    1/1     Running   0             23m
suse-private-registry-harbor-jobservice-69b7f565db-b58hj   1/1     Running   0             28s
suse-private-registry-harbor-portal-5fb8b67c8c-7gt9z       1/1     Running   0             23m
suse-private-registry-harbor-redis-0                       1/1     Running   0             67s
suse-private-registry-harbor-registry-76966b4fbc-r5tt4     2/2     Running   0             2m26s
suse-private-registry-harbor-trivy-0                       1/1     Running   0             23m
```


## 登入 Harbor UI

* 獲取 admin 帳號密碼
```
$ kubectl get secret --namespace suse-private-registry suse-private-registry-harbor-core -o jsonpath="{.data.HARBOR_ADMIN_PASSWORD}" | base64 -d
Harbor12345
```



![image](https://hackmd.io/_uploads/SkVJHQd5xg.png)