0

I am trying to create a private docker registry in Kubernetes that can be used by Kubernetes to pull images from.

Although I have tried many references but none work, so currently I am referring to this.

Basically:

  1. Create a separate namespace
  2. Create credentials for authentication
  3. Request a Persistent Volume Claim (PVC)

This is the pvc.yaml:

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: docker-registry-pvc
  namespace: docker-registry
spec:
  accessModes:
    - ReadWriteOnce
  volumeMode: Filesystem
  resources:
    requests:
      storage: 10Gi
  • Deployment:
kubectl apply -f pvc.yaml --namespace docker-registry
  1. Then I try to add the registry
helm repo add twuni https://helm.twun.io

helm repo update


helm search repo docker-registry

This is it's configuration file values.yaml:

---
replicaCount: 1
persistence:
  enabled: true
  size: 10Gi # <- adapt this value with the size you want to use
  deleteEnabled: true
  existingClaim: docker-registry-pvc # <- here we specify the pvc we created earlier
secrets:
  htpasswd: myuser:$2y$05$mDso3c3.tzcPUAE5NQsqmuYX0JoP8ihttoNBa59VaFPn8Dz6RQbkS # <- This is the username / password we created in the security section. You can replace this with your own username and password
ingress:
  enabled: true
  className: traefik
  path: /
  hosts:
    - registry.example.org   tls:
    - secretName: docker-registry-tls
      hosts:
        - registry.example.org

But when it comes to the deployment part:

helm install -f values.yml docker-registry --namespace docker-registry twuni/docker-registry

I face this error:

Error: INSTALLATION FAILED: failed to create resource: Ingress.networking.k8s.io "docker-registry" is invalid: [spec.rules[0].host: Invalid value: "map[127.0.0.1 tls:]": a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character (e.g. 'example.com', regex used for validation is 'a-z0-9?(.a-z0-9?)'), spec.rules[1].host: Invalid value: "map[hosts:[127.0.0.1] secretName:docker-registry-tls]": a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character (e.g. 'example.com', regex used for validation is 'a-z0-9?(.a-z0-9?)')]

I am aware that this might be happening either because of the "registry.example.org" in the values.yaml or "docker-registry" in deployment command "helm install -f values.yaml docker-registry --namespace docker-registry twuni/docker-registry", but I am not sure.

I have faced this error in few of the other articles as well.

I have tried to fill other values, but I can't seem to come across a resource which gets me through this.

Any help?

Peter Turner
  • 1,482
  • 4
  • 18
  • 39
Vinay Sheel Sagar
  • 1

1 Answers1

1

You encountered an error due to an incorrect configuration in the values.yaml file for the ingress section. Specifically, the issue is with the host definition under spec.rules. First, create a namespace called docker-registry.

kubectl create namespace docker-registry

Create a pvc.yaml file to define the Persistent Volume Claim.

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: docker-registry-pvc
  namespace: docker-registry
spec:
  accessModes:
    - ReadWriteOnce
  volumeMode: Filesystem
  resources:
    requests:
      storage: 10Gi

Apply the PVC configuration:

kubectl apply -f pvc.yaml --namespace docker-registry

Add the twuni Helm repository and update it.

helm repo add twuni https://helm.twun.io
helm repo update

Create a values.yaml file to configure the Helm chart. Make sure to fix the ingress configuration.

replicaCount: 1

persistence:
  enabled: true
  size: 10Gi
  deleteEnabled: true
  existingClaim: docker-registry-pvc


secrets:
  htpasswd: myuser:$2y$05$mDso3c3.tzcPUAE5NQsqmuYX0JoP8ihttoNBa59VaFPn8Dz6RQbkS


ingress:
  enabled: true
  className: traefik
  path: /
  hosts:
    - registry.example.org
  tls:
    - secretName: docker-registry-tls
      hosts:
        - registry.example.org

Install the Docker registry Helm chart with the configured values.yaml.

helm install -f values.yaml docker-registry --namespace docker-registry twuni/docker-registry

Ensure registry.example.org is a valid domain name. If you are using a local environment, you might want to use a real domain name or an appropriate local setup. Ensure you have an ingress controller like Traefik or NGINX installed and configured in your Kubernetes cluster. If you are using TLS, make sure the docker-registry-tls secret exists and is properly configured with your certificate and key.

If you do not have a TLS secret, you can create a self-signed certificate and use it.

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout tls.key -out tls.crt -subj "/CN=registry.example.org"

kubectl create secret tls docker-registry-tls --key tls.key --cert tls.crt --namespace docker-registry
Sissi_00_20
  • 33
  • 1
  • 1
  • 5