Install
Latest
Copy snap install microk8s --classic
Specific version
Copy snap install microk8s --classic --channel=1.17/stable
Set group
Copy sudo usermod -a -G microk8s $USER
Logout from your workstation session and login again.
Useful commands
Get kubeconfig
Copy microk8s.config > $HOME/.kube/config
Reset cluster
Copy microk8s reset --destroy-storage
References
https://microk8s.io/docs/commands
Built-in Registry
Push
Pushing to this insecure registry may fail in some versions of Docker unless the daemon is explicitly configured to trust this registry. To address this we need to edit /etc/docker/daemon.json and add:
Copy {
"insecure-registries" : ["localhost:32000"]
}
Then restart docker.
Copy sudo systemctl restart docker
Enable registry, build and push image.
Copy microk8s enable registry #20Gi registry
#microk8s enable registry:size=40Gi
# Build image
docker build . -t localhost:32000/myimage:registry
# Or tag an existing image
#docker tag 1fe3d8f47868 localhost:32000/myimage:registry
docker push localhost:32000/myimage:registry
Deploy it.
Copy apiVersion: apps/v1
kind: Deployment
metadata:
name: myapp
namespace: myapp
labels:
app: myapp
spec:
selector:
matchLabels:
app: myapp
template:
metadata:
labels:
app: myapp
spec:
containers:
- name: myapp
image: localhost:32000/myimage:registry
imagePullPolicy: Always
ports:
- containerPort: 8000
Remove
Run on your workstation:
Copy registry = localhost:32000
repositories = $( curl ${registry} /v2/_catalog )
for repo in $( echo "${repositories}" | jq -r '.repositories[]' ); do
echo $repo
tags = $( curl -sSL "http://${registry}/v2/${repo}/tags/list" | jq -r '.tags[]' )
for tag in $tags; do
echo $tag
curl -v -sSL -X DELETE "http://${registry}/v2/${repo}/manifests/$(
curl -sSL -I \
-H "Accept: application/vnd.docker.distribution.manifest.v2+json" \
"http://${registry}/v2/${repo}/manifests/$tag" \
| awk '$1 == "Docker-Content-Digest:" { print $2 }' \
| tr -d $'\r' \
)"
done
done
Then run:
Copy registry_pod=$(kubectl --namespace="container-registry" get pods --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}')
kubectl exec --namespace="container-registry" $registry_pod /bin/registry garbage-collect /etc/docker/registry/config.yml
Local private registry
Allow insecure registry:
Copy {
"insecure-registries" : ["172.17.0.1:5001"]
}
Restart docker.
Copy sudo systemctl restart docker
Stop microk8s
, backup and edit config file.
Copy microk8s stop
sudo cp /var/snap/microk8s/current/args/containerd-template.toml /var/snap/microk8s/current/args/containerd-template.toml-BKP
nano /var/snap/microk8s/current/args/containerd-template.toml
Add the following section.
Copy ...
[plugins."io.containerd.grpc.v1.cri".registry]
...
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
...
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."172.17.0.1:5001"]
endpoint = ["http://172.17.0.1:5001"]
Start microk8s
.
Start local registry.
Copy docker run -it --rm \
-e REGISTRY_HTTP_ADDR=0.0.0.0:5001 \
-p 5001:5001 \
--name local-registry \
registry:2
Tag and push image.
Copy docker tag ubuntu:18.04 172.17.0.1:5001/my-ubuntu:0.0.1
docker push 172.17.0.1:5001/my-ubuntu:0.0.1
curl 172.17.0.1:5001/v2/_catalog
Test it.
Copy microk8s kubectl run -it --rm tmp --image=172.17.0.1:5001/my-ubuntu:0.0.1
References
https://microk8s.io/docs/registry-private