# Ref:- /kra-data/setup/downloads/services # cd /kra-data/ndml-kra.devops/setup/services/devops/private-repo # Setup Docker Private-registry on App server 1. - private-repo:5000 { X.X.X.X} -> It will act as Docker private Registry Server. - Update the /etc/hosts file in case DNS server is not configured so that servers can be reachable with their respective hostname or dns name. X.X.X.X private-repo - Let’s first download the registry container using beneath command, $docker pull registry - Once the image is downloaded verify which commands will be executed when we start registry container image. $docker history registry - Now start the registry container using below command, $docker run -dit -p 5000:5000 --name registry --restart=always -v /path/on/host:/path/in/container registry - Above Command will start the registry container with name registry and also we set the patting rule so that if any request comes to ‘private-repo‘ on 5000 port then request will be redirected to registry container on 5000 port. - Tag docker container image to upload private registry server, $docker pull ubuntu:22.04 $docker tag ubuntu:22.04 private-repo:5000/ubuntu:22.04 - Change the docker push https connection to http. Whenever we use ‘docker push’ command it will try to make https connection to the registry server but in case of private registry server setup, it accepts only http connection from the client, Edit the file “/usr/lib/systemd/system/docker.service” and change the parameter, ExecStart=/usr/bin/dockerd to ExecStart=/usr/bin/dockerd --insecure-registry private-repo:5000 - Reload daemon service and restart Docker service $systemctl daemon-reload $systemctl restart docker - Now upload the image to private registry server using beneath command, $docker push private-repo:5000/ubuntu:22.04 You will get output like this The push refers to a repository [private-repo:5000/ubuntu] 56827159aa8b: Pushed 440e02c3dcde: Pushed 29660d0e5bb2: Pushed 85782553e37a: Pushed 745f5be9952c: Pushed 16.04: digest: sha256:6b079ae764a6affcb632231349d4a5e1b084bece8c46883c099863ee2aeb5cf8 size: 1357 - Download Docker Container image from Private Registry Server, $docker pull private:repo:5000/ubuntu:22.04 - verify the image with ‘docker images‘ command ---------------------------------------------------------------------------- # private registry setup for K8s - Create config.toml file, if not available $sudo containerd config default > /etc/containerd/config.toml - Edit /etc/containerd/config.toml # /etc/containerd/config.toml # Find the below section and change :5000 to your registry url [plugins."io.containerd.grpc.v1.cri".registry] [plugins."io.containerd.grpc.v1.cri".registry.mirrors] [plugins."io.containerd.grpc.v1.cri".registry.mirrors.":5000"] endpoint = ["http://:5000"] [plugins."io.containerd.grpc.v1.cri".registry.configs] [plugins."io.containerd.grpc.v1.cri".registry.configs.":5000".tls] insecure_skip_verify = true #Output- [plugins."io.containerd.grpc.v1.cri".registry] config_path = "" [plugins."io.containerd.grpc.v1.cri".registry.auths] [plugins."io.containerd.grpc.v1.cri".registry.configs] [plugins."io.containerd.grpc.v1.cri".registry.configs."private-repo:5000".tls] insecure_skip_verify = true [plugins."io.containerd.grpc.v1.cri".registry.headers] [plugins."io.containerd.grpc.v1.cri".registry.mirrors] [plugins."io.containerd.grpc.v1.cri".registry.mirrors."private-repo:5000"] endpoint = ["http://private-repo:5000"] - Restart containerd and kubelet $systemctl restart containerd $systemctl restart kubelet