#!/bin/sh
# Stop at the first command that exits non-zero and is not otherwise handled.
# Note that errexit only sees the LAST command of a pipeline, so a failing
# early stage (e.g. a missing tool feeding awk) is not caught by it.
set -e
# Print the IPv4 address of the first en*/wl* network interface reported by
# `ifconfig -a` (works with both the macOS and the Linux output layout).
# Outputs: the address on stdout, or nothing when no such interface carries
#          an "inet" line.
hostIp() {
  ifconfig -a | awk '
    # Range: from an interface header starting with "en" or "wl" up to the
    # first line mentioning "inet ", "status" or "TX error".
    /^(en|wl)/, /(inet |status|TX error)/ {
      if ($1 == "inet") {
        print $2
        exit
      }
    }
  '
}
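# Directory holding this script; the registry's auth/ directory is mounted
# from here. The nested quoting keeps paths that contain spaces intact.
ROOT=$(cd "$(dirname "$0")" && pwd)
REG_NAME='kind-registry'
REG_PORT='5000'

# hostIp prints nothing when no en*/wl* interface has an IPv4 address, and the
# ifconfig | awk pipeline still exits 0 in that case, so errexit does not stop
# the script. Fail here instead of configuring a registry called ":5000".
host_ip="$(hostIp)"
if [ -z "$host_ip" ]; then
  echo "Could not determine the host IP address for the local registry" >&2
  exit 1
fi
REGISTRY="$host_ip:$REG_PORT"

# Create registry container unless it is already running. Errors from
# `docker inspect` are discarded so that a missing container simply reads as
# "not running". A container of this name that exists but is stopped will make
# `docker run` fail on the name conflict; start or remove it first.
running="$(docker inspect -f '{{.State.Running}}' "${REG_NAME}" 2>/dev/null || true)"
if [ "${running}" != 'true' ]; then
  # NOTE(security): the message below announces fixed admin/admin credentials,
  # and --publish without a host address makes Docker listen on every host
  # interface, so the registry is reachable from the local network with a
  # guessable login. Treat this as a throwaway development registry only, and
  # replace the htpasswd entry under "$ROOT/auth" before storing anything that
  # matters in it.
  echo "Creating local registry at $REGISTRY: user = admin, password = admin"
  docker run \
    --detach \
    -v "$ROOT/auth:/auth" \
    -e "REGISTRY_AUTH=htpasswd" \
    -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
    -e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" \
    --name "$REG_NAME" \
    --publish "${REG_PORT}":5000 \
    registry:2
fi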
# Register $REGISTRY as an insecure registry with the Docker daemon.
# The file is only written when /etc/docker exists and has no daemon.json yet
# (Linux only); in every other case the required setting is printed so it can
# be merged by hand.
# NOTE(security): an "insecure-registries" entry allows the daemon to use plain
# HTTP, or HTTPS without certificate verification, for that address, so the
# registry login and image contents are not protected in transit. The entry is
# keyed on the host IP detected at run time and stays in daemon.json after the
# cluster is gone; remove it when it is no longer needed.
if [ ! -d /etc/docker ] || [ -f /etc/docker/daemon.json ]; then
  cat <<EOF
Make sure that the following is added to /etc/docker/daemon.json
(on Linux), merged in with existing configuration:
{ "insecure-registries": ["$REGISTRY"] }
With Docker Desktop on macOS this can be added to the 'Docker Engine'
configuration under 'Preferences'.
EOF
else
  echo "Creating /etc/docker/daemon.json with $REGISTRY added as insecure registry"
  # tee runs under sudo because the redirect target is root-owned; its echo of
  # the content to stdout is discarded.
  sudo tee /etc/docker/daemon.json > /dev/null <<EOF
{ "insecure-registries": ["$REGISTRY"] }
EOF
  sudo systemctl daemon-reload
  sudo systemctl restart docker
fi
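# Create the kind cluster "tap" (one control-plane node, one worker) with the
# local registry enabled in containerd. The config is fed on stdin; the YAML
# nesting below is significant: the containerd patch must be indented under
# its "- |-" block scalar, and extraPortMappings belongs to the worker node.
#
# NOTE(security):
#  - The mirror endpoint is http:// and insecure_skip_verify is true, so node
#    pulls from $REGISTRY are neither encrypted nor authenticated by TLS.
#    Acceptable for a local development registry, not for shared networks.
#  - The 443 and 80 mappings carry no listenAddress, so kind's default applies
#    and they are bound on all host interfaces; only the two port-53 mappings
#    are restricted to 127.0.0.1. Add listenAddress: "127.0.0.1" to the first
#    two as well if the ingress should not be reachable from other machines.
kind create cluster --config=- <<EOF
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
containerdConfigPatches:
- |-
  [plugins."io.containerd.grpc.v1.cri".registry]
    [plugins."io.containerd.grpc.v1.cri".registry.mirrors]
      [plugins."io.containerd.grpc.v1.cri".registry.mirrors."${REGISTRY}"]
        endpoint = ["http://${REGISTRY}"]
    [plugins."io.containerd.grpc.v1.cri".registry.configs]
      [plugins."io.containerd.grpc.v1.cri".registry.configs."${REGISTRY}".tls]
        insecure_skip_verify = true
name: tap
nodes:
- role: control-plane
- role: worker
  extraPortMappings:
  - containerPort: 31443
    hostPort: 443
  - containerPort: 31080
    hostPort: 80
  - containerPort: 30053
    listenAddress: "127.0.0.1"
    hostPort: 53
    protocol: udp
  - containerPort: 30053
    listenAddress: "127.0.0.1"
    hostPort: 53
    protocol: tcp
EOF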
# Attach the registry container to the "kind" Docker network.
# A failure here is tolerated on purpose because the container may already be
# attached; note that this also hides any other error from this command.
if ! docker network connect "kind" "${REG_NAME}"; then
  :
fi
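# Document the local registry
# https://github.com/kubernetes/enhancements/tree/master/keps/sig-cluster-lifecycle/generic/1755-communicating-a-local-registry
# The ConfigMap is applied from stdin. Its nesting is significant: name and
# namespace sit under metadata, and host/help form the body of the
# localRegistryHosting.v1 block scalar.
kubectl apply -f - <<EOF
apiVersion: v1
kind: ConfigMap
metadata:
  name: local-registry-hosting
  namespace: kube-public
data:
  localRegistryHosting.v1: |
    host: "${REGISTRY}"
    help: "https://kind.sigs.k8s.io/docs/user/local-registry/"
EOF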