github.com/alibaba/sealer@v0.8.6-0.20220430115802-37a2bdaa8173/docs/site/src/zh/advanced/registry-configuration.md

github.com/alibaba/sealer@v0.8.6-0.20220430115802-37a2bdaa8173/docs/site/src/zh/advanced/registry-configuration.md (about)

     1  # 集群镜像 registry 配置
     2  
     3  集群镜像在制作时将依赖的镜像缓存在集群镜像之中，通过集群镜像安装集群时将启动包含镜像缓存数据的registry
     4  
     5  ## 自定义config文件配置集群registry:
     6  
     7  Clusterfile:
     8  
     9  ```yaml
    10  apiVersion: sealer.aliyun.com/v1alpha1
    11  kind: Cluster
    12  metadata:
    13    name: my-cluster
    14  spec:
    15    image: registry.cn-qingdao.aliyuncs.com/sealer-io/kubernetes:v1.19.8
    16    provider: BAREMETAL
    17  ...
    18  ...
    19  ---
    20  apiVersion: sealer.aliyun.com/v1alpha1
    21  kind: Config
    22  metadata:
    23    name: registry_config
    24  spec:
    25    path: etc/registry_config.yml
    26    data: |
    27      version: 0.1
    28      log:
    29        fields:
    30          service: registry
    31      storage:
    32        cache:
    33          blobdescriptor: inmemory
    34        filesystem:
    35          rootdirectory: /var/lib/registry
    36      http:
    37        addr: :5000
    38        headers:
    39          X-Content-Type-Options: [nosniff]
    40      proxy:
    41        on: true
    42      health:
    43        storagedriver:
    44          enabled: true
    45          interval: 10s
    46          threshold: 3
    47  ```
    48  
    49  ```shell
    50  #sealer将会在registry启动前将data中的数据写入到`$rootfs/etc/registry_config.yml`文件，在启动registry时将该文件挂载到registry的config文件`/etc/docker/registry/config.yml`。
    51  #docker run ... -v $rootfs/etc/registry_config.yml:/etc/docker/registry/config.yml registry:2.7.1
    52  sealer apply -f Clusterfile
    53  ```
    54  
    55  ## 自定义registry域名，端口，用户名及密码：
    56  
    57  Clusterfile:
    58  
    59  ```yaml
    60  apiVersion: sealer.aliyun.com/v1alpha1
    61  kind: Cluster
    62  metadata:
    63    name: my-cluster
    64  spec:
    65    image: registry.cn-qingdao.aliyuncs.com/sealer-io/kubernetes:v1.19.8
    66    provider: BAREMETAL
    67  ...
    68  ...
    69  ---
    70  apiVersion: sealer.aliyun.com/v1alpha1
    71  kind: Config
    72  metadata:
    73    name: registry_passwd
    74  spec:
    75    path: etc/registry.yml
    76    data: |
    77      domain: sea.hub
    78      port: "5000"
    79      username: sealerUser
    80      password: sealerPWD
    81  ```
    82  
    83  ```shell
    84  #sealer将生成该认证的加密密码并写入`$rootfs/etc/registry_htpasswd`文件，在registry启动时将会挂载该文件并设置认证为htpasswd。
    85  #docker run ... \
    86  #        -v $rootfs/etc/registry_htpasswd:/htpasswd \
    87  #        -e REGISTRY_AUTH=htpasswd \
    88  #        -e REGISTRY_AUTH_HTPASSWD_PATH=/htpasswd \
    89  #        -e REGISTRY_AUTH_HTPASSWD_REALM="Registry Realm" registry:2.7.1
    90  sealer apply -f Clusterfile
    91  ```