Docker Image Registry Configuration
Introduction
To perform an installation without the system needing access to the internet, a local Docker registry must be created, and provisioned with the necessary docker images. These docker images are used to populate the Kubernetes pods once Kubernetes is installed, as well as providing the services installed during Common Services installation.
Prerequisites
Docker images for OCCNE 1.3 release must be pulled to the executing system.
- Docker is installed and docker commands can be run
- Make sure docker registry
is running
$ dockerps
- If not then creating a
local docker registry accessible by the target of the installation
$ docker run -d -p <port>:<port> --restart=always --name <registryname> registry:2
(For more directions refer:https://docs.docker.com/registry/deploying/)
References
Provision the registry with the necessary images
On the repo server that can reach the internet AND reach the registry, populate the registry with the following images:
Run the following commands on repo server to generate bastion, k8s install, and configure dependencies:
First retrieve the docker registry image which will be used by the bastion-host to serve up docker images to the rest of the cluster:
docker pull registry:2 docker tag registry:2 <registryaddress>:<port>/registry:2 docker push <registryaddress>:<port>/registry:2Then retrieve the lists of required docker images from each container :
docker run --rm -it -v /var/occne/<cluster>/:/host occne/<configure_install_image_name>:<1.3.0_tag> /getdeps/getdeps docker run --rm -it -v /var/occne/<cluster>/:/host occne/<k8s_install_image_name>:<1.3.0_tag> /getdeps/getdeps Example- $ docker run --rm -it -v /var/occne/rainbow/:/host occne/configure:1.3.0 /getdeps/getdeps $ docker run --rm -it -v /var/occne/rainbow/:/host occne/k8s_install:1.3.0 /getdeps/getdepsOnce the above command is successfully executed, go to /var/occne/<cluster>/artifacts directory and verify that there are retrieve_docker.sh script and k8s_docker_images.txt file in the directory and execute:
$ /var/occne/<cluster>/artifacts/retrieve_docker.sh docker.io <registryaddress>:<port> < /var/occne/<cluster>/artifacts/k8s_docker_images.txtOnce the above command is successfully executed, go to the /var/occne/<cluster>/artifacts directory and verify that there are retrieve_docker.sh script and config_docker_images.txt file in the directory and execute:
$ /var/occne/<cluster>/artifacts/retrieve_docker.sh docker.io <registryaddress>:<port> < /var/occne/<cluster>/artifacts/config_docker_images.txt
Verify the list of repositories in the docker registry
Access endpoint <registryaddress>:<port>/v2/_catalog using a browser
or
$ curl http://<registryaddress>:5000/v2/_catalog
$ {"repositories":["coredns/coredns","docker.elastic.co/elasticsearch/elasticsearch-oss","docker.elastic.co/kibana/kibana-oss","gcr.io/google-containers/fluentd-elasticsearch","gcr.io/google-containers/kube-apiserver","gcr.io/google-containers/kube-controller-manager","gcr.io/google-containers/kube-proxy","gcr.io/google-containers/kube-scheduler","gcr.io/google-containers/pause","gcr.io/google_containers/cluster-proportional-autoscaler-amd64","gcr.io/google_containers/metrics-server-amd64","gcr.io/google_containers/pause-amd64","gcr.io/kubernetes-helm/tiller","grafana/grafana","jaegertracing/jaeger-agent","jaegertracing/jaeger-collector","jaegertracing/jaeger-query","jimmidyson/configmap-reload","justwatch/elasticsearch_exporter","k8s.gcr.io/addon-resizer","lachlanevenson/k8s-helm","metallb/controller","metallb/speaker","nginx","prom/alertmanager","prom/prometheus","prom/pushgateway","quay.io/calico/cni","quay.io/calico/ctl","quay.io/calico/kube-controllers","quay.io/calico/node","quay.io/coreos/etcd","quay.io/coreos/kube-state-metrics","quay.io/external_storage/local-volume-provisioner","quay.io/jetstack/cert-manager-controller","quay.io/pires/docker-elasticsearch-curator","quay.io/prometheus/node-exporter"]}
