Having a private docker registry can significantly improve your productivity by reducing the time spent in uploading and downloading docker images. The registry shipped with MicroK8s is hosted within the kubernetes cluster and is exposed as a NodePort service on port 32000
of the localhost
. Note that this is an insecure registry and you may need to take extra steps to limit access to it.
You can install the registry with:
microk8s.enable registry
As you can see in the applied manifest a 20Gi
persistent volume is claimed for storing images. To satisfy this claim the storage addon is also enabled along with the registry.
The docker daemon used by MicroK8s is configured to trust this insecure registry. It is on this daemon we will have to talk to when we want to upload images. The easiest way to do so is by using the microk8s.docker
client:
microk8s.docker pull busybox
microk8s.docker tag busybox localhost:32000/my-busybox
microk8s.docker push localhost:32000/my-busybox
If you prefer to use an external docker client you should point it to the socket dockerd is listening on:
docker -H unix:///var/snap/microk8s/current/docker.sock ps
To consume an image from the local registry we need to reference it in our yaml manifests:
apiVersion: v1
kind: Pod
metadata:
name: busybox
namespace: default
spec:
containers:
- name: busybox
image: localhost:32000/my-busybox
command:
- sleep
- "3600"
imagePullPolicy: IfNotPresent
restartPolicy: Always
- Insecure registry: https://docs.docker.com/registry/insecure/
- Test a registry: https://docs.docker.com/registry/deploying/#copy-an-image-from-docker-hub-to-your-registry