gregandev
/
k3d
mirror of https://github.com/k3d-io/k3d
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Little helper to run CNCF's k3s in Docker
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
162 Commits
25 Branches
165 Tags
70 MiB
 
 
 
 
Tag: Branch: Tree: 9a14ca97e1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '9a14ca97e1'
${ noResults }
k3d/usage/guides/registries/index.html

1035 lines
41 KiB
Raw Blame History

<!doctype html>
<html lang="en" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="description" content="Little helper to run Rancher Lab's k3s in Docker">
<link rel="canonical" href="https://k3d.io/usage/guides/registries/">
<link rel="shortcut icon" href="../../../static/img/favicons_black_blue/favicon.png">
<meta name="generator" content="mkdocs-1.1.2, mkdocs-material-7.0.5">
<title>Registries - k3d</title>
<link rel="stylesheet" href="../../../assets/stylesheets/main.77f3fd56.min.css">
<link rel="stylesheet" href="../../../assets/stylesheets/palette.7fa14f5b.min.css">
<meta name="theme-color" content="#000000">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,400,400i,700%7CRoboto+Mono&display=fallback">
<style>:root{--md-text-font-family:"Roboto";--md-code-font-family:"Roboto Mono"}</style>
<link rel="stylesheet" href="../../../static/css/asciinema-player.css">
<link rel="stylesheet" href="../../../static/css/extra.css">
</head>
<body dir="ltr" data-md-color-scheme="" data-md-color-primary="black" data-md-color-accent="grey">
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
<label class="md-overlay" for="__drawer"></label>
<div data-md-component="skip">
<a href="#registries" class="md-skip">
Skip to content
</a>
</div>
<div data-md-component="announce">
</div>
<header class="md-header" data-md-component="header">
<nav class="md-header__inner md-grid" aria-label="Header">
<a href="https://k3d.io/" title="k3d" class="md-header__button md-logo" aria-label="k3d">
<img src="../../../static/img/k3d_logo_black_green.svg" alt="logo">
</a>
<label class="md-header__button md-icon" for="__drawer">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2z"/></svg>
</label>
<div class="md-header__title" data-md-component="header-title">
<div class="md-header__ellipsis">
<div class="md-header__topic">
<span class="md-ellipsis">
k3d
</span>
</div>
<div class="md-header__topic" data-md-component="header-topic">
<span class="md-ellipsis">
Registries
</span>
</div>
</div>
</div>
<div class="md-header__options">
</div>
<label class="md-header__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" data-md-state="active" required>
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg>
</label>
<button type="reset" class="md-search__icon md-icon" aria-label="Clear" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41L17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41z"/></svg>
</button>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" data-md-scrollfix>
<div class="md-search-result" data-md-component="search-result">
<div class="md-search-result__meta">
Initializing search
</div>
<ol class="md-search-result__list"></ol>
</div>
</div>
</div>
</div>
</div>
<div class="md-header__source">
<a href="https://github.com/rancher/k3d/" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><path d="M439.55 236.05L244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
rancher/k3d
</div>
</a>
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
<div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary" aria-label="Navigation" data-md-level="0">
<label class="md-nav__title" for="__drawer">
<a href="https://k3d.io/" title="k3d" class="md-nav__button md-logo" aria-label="k3d">
<img src="../../../static/img/k3d_logo_black_green.svg" alt="logo">
</a>
k3d
</label>
<div class="md-nav__source">
<a href="https://github.com/rancher/k3d/" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><path d="M439.55 236.05L244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
rancher/k3d
</div>
</a>
</div>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../.." class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2" type="checkbox" id="__nav_2" checked>
<label class="md-nav__link" for="__nav_2">
Usage
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Usage" data-md-level="1">
<label class="md-nav__title" for="__nav_2">
<span class="md-nav__icon md-icon"></span>
Usage
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../commands/" class="md-nav__link">
Command Tree
</a>
</li>
<li class="md-nav__item">
<a href="../../configfile/" class="md-nav__link">
Config File
</a>
</li>
<li class="md-nav__item">
<a href="../../kubeconfig/" class="md-nav__link">
Handling Kubeconfigs
</a>
</li>
<li class="md-nav__item">
<a href="../../multiserver/" class="md-nav__link">
Creating multi-server clusters
</a>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2_5" type="checkbox" id="__nav_2_5" checked>
<label class="md-nav__link" for="__nav_2_5">
Guides
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Guides" data-md-level="2">
<label class="md-nav__title" for="__nav_2_5">
<span class="md-nav__icon md-icon"></span>
Guides
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../exposing_services/" class="md-nav__link">
Exposing Services
</a>
</li>
<li class="md-nav__item md-nav__item--active">
<input class="md-nav__toggle md-toggle" data-md-toggle="toc" type="checkbox" id="__toc">
<label class="md-nav__link md-nav__link--active" for="__toc">
Registries
<span class="md-nav__icon md-icon"></span>
</label>
<a href="./" class="md-nav__link md-nav__link--active">
Registries
</a>
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#registries-configuration-file" class="md-nav__link">
Registries configuration file
</a>
<nav class="md-nav" aria-label="Registries configuration file">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#registries-configuration-file-embedded-in-k3ds-simpleconfig" class="md-nav__link">
Registries Configuration File embedded in k3d's SimpleConfig
</a>
</li>
<li class="md-nav__item">
<a href="#authenticated-registries" class="md-nav__link">
Authenticated registries
</a>
</li>
<li class="md-nav__item">
<a href="#secure-registries" class="md-nav__link">
Secure registries
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#using-a-local-registry" class="md-nav__link">
Using a local registry
</a>
<nav class="md-nav" aria-label="Using a local registry">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#using-k3d-managed-registries" class="md-nav__link">
Using k3d-managed registries
</a>
<nav class="md-nav" aria-label="Using k3d-managed registries">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#create-a-dedicated-registry-together-with-your-cluster" class="md-nav__link">
Create a dedicated registry together with your cluster
</a>
</li>
<li class="md-nav__item">
<a href="#create-a-customized-k3d-managed-registry" class="md-nav__link">
Create a customized k3d-managed registry
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#using-your-own-not-k3d-managed-local-registry" class="md-nav__link">
Using your own (not k3d-managed) local registry
</a>
</li>
<li class="md-nav__item">
<a href="#pushing-to-your-local-registry-address" class="md-nav__link">
Pushing to your local registry address
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#testing-your-registry" class="md-nav__link">
Testing your registry
</a>
</li>
<li class="md-nav__item">
<a href="#configuring-registries-for-k3s-v091" class="md-nav__link">
Configuring registries for k3s &lt;= v0.9.1
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../calico/" class="md-nav__link">
Use Calico instead of Flannel
</a>
</li>
<li class="md-nav__item">
<a href="../cuda/" class="md-nav__link">
Running CUDA workloads
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3" type="checkbox" id="__nav_3" >
<label class="md-nav__link" for="__nav_3">
Internals
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Internals" data-md-level="1">
<label class="md-nav__title" for="__nav_3">
<span class="md-nav__icon md-icon"></span>
Internals
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../internals/defaults/" class="md-nav__link">
Defaults
</a>
</li>
<li class="md-nav__item">
<a href="../../../internals/networking/" class="md-nav__link">
Networking
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_4" type="checkbox" id="__nav_4" >
<label class="md-nav__link" for="__nav_4">
FAQ
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="FAQ" data-md-level="1">
<label class="md-nav__title" for="__nav_4">
<span class="md-nav__icon md-icon"></span>
FAQ
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../faq/faq/" class="md-nav__link">
FAQ / Nice to know
</a>
</li>
<li class="md-nav__item">
<a href="../../../faq/v1vsv3-comparison/" class="md-nav__link">
Feature Comparison: v1 vs. v3
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#registries-configuration-file" class="md-nav__link">
Registries configuration file
</a>
<nav class="md-nav" aria-label="Registries configuration file">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#registries-configuration-file-embedded-in-k3ds-simpleconfig" class="md-nav__link">
Registries Configuration File embedded in k3d's SimpleConfig
</a>
</li>
<li class="md-nav__item">
<a href="#authenticated-registries" class="md-nav__link">
Authenticated registries
</a>
</li>
<li class="md-nav__item">
<a href="#secure-registries" class="md-nav__link">
Secure registries
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#using-a-local-registry" class="md-nav__link">
Using a local registry
</a>
<nav class="md-nav" aria-label="Using a local registry">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#using-k3d-managed-registries" class="md-nav__link">
Using k3d-managed registries
</a>
<nav class="md-nav" aria-label="Using k3d-managed registries">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#create-a-dedicated-registry-together-with-your-cluster" class="md-nav__link">
Create a dedicated registry together with your cluster
</a>
</li>
<li class="md-nav__item">
<a href="#create-a-customized-k3d-managed-registry" class="md-nav__link">
Create a customized k3d-managed registry
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#using-your-own-not-k3d-managed-local-registry" class="md-nav__link">
Using your own (not k3d-managed) local registry
</a>
</li>
<li class="md-nav__item">
<a href="#pushing-to-your-local-registry-address" class="md-nav__link">
Pushing to your local registry address
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#testing-your-registry" class="md-nav__link">
Testing your registry
</a>
</li>
<li class="md-nav__item">
<a href="#configuring-registries-for-k3s-v091" class="md-nav__link">
Configuring registries for k3s &lt;= v0.9.1
</a>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-content" data-md-component="content">
<article class="md-content__inner md-typeset">
<a href="https://github.com/rancher/k3d/edit/master/docs/usage/guides/registries.md" title="Edit this page" class="md-content__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20.71 7.04c.39-.39.39-1.04 0-1.41l-2.34-2.34c-.37-.39-1.02-.39-1.41 0l-1.84 1.83 3.75 3.75M3 17.25V21h3.75L17.81 9.93l-3.75-3.75L3 17.25z"/></svg>
</a>
<h1 id="registries">Registries<a class="headerlink" href="#registries" title="Permanent link">&para;</a></h1>
<h2 id="registries-configuration-file">Registries configuration file<a class="headerlink" href="#registries-configuration-file" title="Permanent link">&para;</a></h2>
<p>You can add registries by specifying them in a <code>registries.yaml</code> and referencing it at creation time:
<code class="highlight">k3d cluster create mycluster --registry-config <span class="s2">&quot;/home/YOU/my-registries.yaml&quot;</span></code>.</p>
<details class="tip"><summary>Pre v4.0.0 solution</summary><p>Before we added the <code>--registry-config</code> flag in k3d v4.0.0, you had to bind-mount the file to the correct location: <code>--volume "/home/YOU/my-registries.yaml:/etc/rancher/k3s/registries.yaml"</code></p>
</details>
<p>This file is a regular <a href="https://rancher.com/docs/k3s/latest/en/installation/private-registry/">k3s registries configuration file</a>, and looks like this:</p>
<div class="highlight"><pre><span></span><code><span class="nt">mirrors</span><span class="p">:</span>
<span class="s">&quot;my.company.registry:5000&quot;</span><span class="p p-Indicator">:</span>
<span class="nt">endpoint</span><span class="p">:</span>
<span class="p p-Indicator">-</span> <span class="l l-Scalar l-Scalar-Plain">http://my.company.registry:5000</span>
</code></pre></div>
<p>In this example, an image with a name like <code>my.company.registry:5000/nginx:latest</code> would be
<em>pulled</em> from the registry running at <code>http://my.company.registry:5000</code>.</p>
<p>Note well there is an important limitation: <strong>this configuration file will only work with k3s &gt;= v0.10.0</strong>. It will fail silently with previous versions of k3s, but you find in the <a href="#k3s-old">section below</a> an alternative solution.</p>
<p>This file can also be used for providing additional information necessary for accessing some registries, like <a href="#authenticated-registries">authentication</a> and <a href="#secure-registries">certificates</a>.</p>
<h3 id="registries-configuration-file-embedded-in-k3ds-simpleconfig">Registries Configuration File embedded in k3d&rsquo;s SimpleConfig<a class="headerlink" href="#registries-configuration-file-embedded-in-k3ds-simpleconfig" title="Permanent link">&para;</a></h3>
<p>If you&rsquo;re using a <code>SimpleConfig</code> file to configure your k3d cluster, you may as well embed the registries.yaml in there directly:</p>
<div class="highlight"><pre><span></span><code><span class="nt">apiVersion</span><span class="p">:</span> <span class="l l-Scalar l-Scalar-Plain">k3d.io/v1alpha2</span>
<span class="nt">kind</span><span class="p">:</span> <span class="l l-Scalar l-Scalar-Plain">Simple</span>
<span class="nt">name</span><span class="p">:</span> <span class="l l-Scalar l-Scalar-Plain">test</span>
<span class="nt">servers</span><span class="p">:</span> <span class="l l-Scalar l-Scalar-Plain">1</span>
<span class="nt">agents</span><span class="p">:</span> <span class="l l-Scalar l-Scalar-Plain">2</span>
<span class="nt">registries</span><span class="p">:</span>
<span class="nt">create</span><span class="p">:</span> <span class="l l-Scalar l-Scalar-Plain">true</span>
<span class="nt">config</span><span class="p">:</span> <span class="p p-Indicator">|</span>
<span class="no">mirrors:</span>
<span class="no">&quot;my.company.registry&quot;:</span>
<span class="no">endpoint:</span>
<span class="no">- http://my.company.registry:5000</span>
</code></pre></div>
<p>Here, the config for the k3d-managed registry, created by the <code>create: true</code> flag will be merged with the config specified under <code>config: |</code>.</p>
<h3 id="authenticated-registries">Authenticated registries<a class="headerlink" href="#authenticated-registries" title="Permanent link">&para;</a></h3>
<p>When using authenticated registries, we can add the <em>username</em> and <em>password</em> in a
<code>configs</code> section in the <code>registries.yaml</code>, like this:</p>
<div class="highlight"><pre><span></span><code><span class="nt">mirrors</span><span class="p">:</span>
<span class="nt">my.company.registry</span><span class="p">:</span>
<span class="nt">endpoint</span><span class="p">:</span>
<span class="p p-Indicator">-</span> <span class="l l-Scalar l-Scalar-Plain">http://my.company.registry</span>
<span class="nt">configs</span><span class="p">:</span>
<span class="nt">my.company.registry</span><span class="p">:</span>
<span class="nt">auth</span><span class="p">:</span>
<span class="nt">username</span><span class="p">:</span> <span class="l l-Scalar l-Scalar-Plain">aladin</span>
<span class="nt">password</span><span class="p">:</span> <span class="l l-Scalar l-Scalar-Plain">abracadabra</span>
</code></pre></div>
<h3 id="secure-registries">Secure registries<a class="headerlink" href="#secure-registries" title="Permanent link">&para;</a></h3>
<p>When using secure registries, the <a href="#registries-file"><code>registries.yaml</code> file</a> must include information about the certificates. For example, if you want to use images from the secure registry running at <code>https://my.company.registry</code>, you must first download a CA file valid for that server and store it in some well-known directory like <code>${HOME}/.k3d/my-company-root.pem</code>. </p>
<p>Then you have to mount the CA file in some directory in the nodes in the cluster and include that mounted file in a <code>configs</code> section in the <a href="#registries-file"><code>registries.yaml</code> file</a>.
For example, if we mount the CA file in <code>/etc/ssl/certs/my-company-root.pem</code>, the <code>registries.yaml</code> will look like:</p>
<div class="highlight"><pre><span></span><code><span class="nt">mirrors</span><span class="p">:</span>
<span class="nt">my.company.registry</span><span class="p">:</span>
<span class="nt">endpoint</span><span class="p">:</span>
<span class="p p-Indicator">-</span> <span class="l l-Scalar l-Scalar-Plain">https://my.company.registry</span>
<span class="nt">configs</span><span class="p">:</span>
<span class="nt">my.company.registry</span><span class="p">:</span>
<span class="nt">tls</span><span class="p">:</span>
<span class="c1"># we will mount &quot;my-company-root.pem&quot; in the /etc/ssl/certs/ directory.</span>
<span class="nt">ca_file</span><span class="p">:</span> <span class="s">&quot;/etc/ssl/certs/my-company-root.pem&quot;</span>
</code></pre></div>
<p>Finally, we can create the cluster, mounting the CA file in the path we specified in <code>ca_file</code>:</p>
<p><code class="highlight">k3d cluster create --volume <span class="s2">&quot;</span><span class="si">${</span><span class="nv">HOME</span><span class="si">}</span><span class="s2">/.k3d/my-registries.yaml:/etc/rancher/k3s/registries.yaml&quot;</span> --volume <span class="s2">&quot;</span><span class="si">${</span><span class="nv">HOME</span><span class="si">}</span><span class="s2">/.k3d/my-company-root.pem:/etc/ssl/certs/my-company-root.pem&quot;</span></code></p>
<h2 id="using-a-local-registry">Using a local registry<a class="headerlink" href="#using-a-local-registry" title="Permanent link">&para;</a></h2>
<h3 id="using-k3d-managed-registries">Using k3d-managed registries<a class="headerlink" href="#using-k3d-managed-registries" title="Permanent link">&para;</a></h3>
<div class="admonition info">
<p class="admonition-title">Just ported!</p>
<p>The k3d-managed registry is available again as of k3d v4.0.0 (January 2021)</p>
</div>
<h4 id="create-a-dedicated-registry-together-with-your-cluster">Create a dedicated registry together with your cluster<a class="headerlink" href="#create-a-dedicated-registry-together-with-your-cluster" title="Permanent link">&para;</a></h4>
<ol>
<li><code class="highlight">k3d cluster create mycluster --registry-create</code>: This creates your cluster <code>mycluster</code> together with a registry container called <code>k3d-mycluster-registry</code><ul>
<li>k3d sets everything up in the cluster for containerd to be able to pull images from that registry (using the <code>registries.yaml</code> file)</li>
<li>the port, which the registry is listening on will be mapped to a random port on your host system</li>
</ul>
</li>
<li>Check the k3d command output or <code class="highlight">docker ps -f <span class="nv">name</span><span class="o">=</span>k3d-mycluster-registry</code> to find the exposed port (let&rsquo;s use <code>12345</code> here)</li>
<li>Pull some image (optional) <code class="highlight">docker pull alpine:latest</code>, re-tag it to reference your newly created registry <code class="highlight">docker tag alpine:latest k3d-mycluster-registry:12345/testimage:local</code> and push it <code class="highlight">docker push k3d-mycluster-registry:12345/testimage:local</code></li>
<li>Use kubectl to create a new pod in your cluster using that image to see, if the cluster can pull from the new registry: <code class="highlight">kubectl run --image k3d-mycluster-registry:12345/testimage:local testimage --command -- tail -f /dev/null</code> (creates a container that will not do anything but keep on running)</li>
</ol>
<h4 id="create-a-customized-k3d-managed-registry">Create a customized k3d-managed registry<a class="headerlink" href="#create-a-customized-k3d-managed-registry" title="Permanent link">&para;</a></h4>
<ol>
<li><code class="highlight">k3d registry create myregistry.localhost --port <span class="m">12345</span></code> creates a new registry called <code>k3d-myregistry.localhost</code> (could be used with automatic resolution of <code>*.localhost</code>, see next section - also, <strong>note the <code>k3d-</code> prefix</strong> that k3d adds to all resources it creates)</li>
<li><code class="highlight">k3d cluster create newcluster --registry-use k3d-myregistry.localhost:12345</code> (make sure you use the <strong><code>k3d-</code> prefix</strong> here) creates a new cluster set up to us that registry</li>
<li>continue with step 3 and 4 from the last section for testing</li>
</ol>
<!-- Admonition to describe usage of a non-k3d-managed registry -->
<h3 id="using-your-own-not-k3d-managed-local-registry">Using your own (not k3d-managed) local registry<a class="headerlink" href="#using-your-own-not-k3d-managed-local-registry" title="Permanent link">&para;</a></h3>
<p><em>We recommend using a k3d-managed registry, as it plays nicely together with k3d clusters, but here&rsquo;s also a guide to create your own (not k3d-managed) registry, if you need features or customizations, that k3d does not provide:</em></p>
<details class="nonk3dregistry"><summary>Using your own (not k3d-managed) local registry</summary><p>You can start your own local registry it with some <code>docker</code> commands, like:</p>
<div class="highlight"><pre><span></span><code>docker volume create local_registry
docker container run -d --name registry.localhost -v local_registry:/var/lib/registry --restart always -p <span class="m">5000</span>:5000 registry:2
</code></pre></div>
<p>These commands will start your registry in <code>registry.localhost:5000</code>. In order to push to this registry, you will need to make it accessible as described in the next section.
Once your registry is up and running, we will need to add it to your <code>registries.yaml</code> configuration file.
Finally, you have to connect the registry network to the k3d cluster network: <code class="highlight">docker network connect k3d-k3s-default registry.localhost</code>. And then you can <a href="#testing-your-registry">test your local registry</a>.</p>
</details>
<h3 id="pushing-to-your-local-registry-address">Pushing to your local registry address<a class="headerlink" href="#pushing-to-your-local-registry-address" title="Permanent link">&para;</a></h3>
<p>As per the guide above, the registry will be available at <code>registry.localhost:5000</code>.</p>
<p>All the nodes in your k3d cluster can resolve this hostname (thanks to the DNS server provided by the Docker daemon) but, in order to be able to push to this registry, this hostname also has to be resolved by your host.</p>
<div class="admonition info">
<p class="admonition-title">nss-myhostname to resolve <code>*.localhost</code></p>
<p>Luckily (for Linux users), <a href="http://man7.org/linux/man-pages/man8/nss-myhostname.8.html">NSS-myhostname</a> ships with many Linux distributions
and should resolve <code>*.localhost</code> automatically to <code>127.0.0.1</code>.<br />
Otherwise, it&rsquo;s installable using <code>sudo apt install libnss-myhostname</code>.</p>
</div>
<p>If your system does not provide/support tools that can auto-resolve specific names to <code>127.0.0.1</code>, you can manually add an entry in your <code>/etc/hosts</code> (<code>c:\windows\system32\drivers\etc\hosts</code> on Windows) file like this:</p>
<div class="highlight"><pre><span></span><code><span class="m">127</span>.0.0.1 k3d-registry.localhost
</code></pre></div>
<p>Once again, this will only work with k3s &gt;= v0.10.0 (see the some sections below when using k3s &lt;= v0.9.1)</p>
<h2 id="testing-your-registry">Testing your registry<a class="headerlink" href="#testing-your-registry" title="Permanent link">&para;</a></h2>
<p>You should test that you can</p>
<ul>
<li>push to your registry from your local development machine.</li>
<li>use images from that registry in <code>Deployments</code> in your k3d cluster.</li>
</ul>
<p>We will verify these two things for a local registry (located at <code>k3d-registry.localhost:12345</code>) running in your development machine. Things would be basically the same for checking an external registry, but some additional configuration could be necessary in your local machine when using an authenticated or secure registry (please refer to Docker&rsquo;s documentation for this).</p>
<p>First, we can download some image (like <code>nginx</code>) and push it to our local registry with:</p>
<div class="highlight"><pre><span></span><code>docker pull nginx:latest
docker tag nginx:latest k3d-registry.localhost:5000/nginx:latest
docker push k3d-registry.localhost:5000/nginx:latest
</code></pre></div>
<p>Then we can deploy a pod referencing this image to your cluster:</p>
<div class="highlight"><pre><span></span><code>cat <span class="s">&lt;&lt;EOF | kubectl apply -f -</span>
<span class="s">apiVersion: apps/v1</span>
<span class="s">kind: Deployment</span>
<span class="s">metadata:</span>
<span class="s"> name: nginx-test-registry</span>
<span class="s"> labels:</span>
<span class="s"> app: nginx-test-registry</span>
<span class="s">spec:</span>
<span class="s"> replicas: 1</span>
<span class="s"> selector:</span>
<span class="s"> matchLabels:</span>
<span class="s"> app: nginx-test-registry</span>
<span class="s"> template:</span>
<span class="s"> metadata:</span>
<span class="s"> labels:</span>
<span class="s"> app: nginx-test-registry</span>
<span class="s"> spec:</span>
<span class="s"> containers:</span>
<span class="s"> - name: nginx-test-registry</span>
<span class="s"> image: k3d-registry.localhost:12345/nginx:latest</span>
<span class="s"> ports:</span>
<span class="s"> - containerPort: 80</span>
<span class="s">EOF</span>
</code></pre></div>
<p>Then you should check that the pod is running with <code>kubectl get pods -l "app=nginx-test-registry"</code>.</p>
<h2 id="configuring-registries-for-k3s-v091">Configuring registries for k3s &lt;= v0.9.1<a class="headerlink" href="#configuring-registries-for-k3s-v091" title="Permanent link">&para;</a></h2>
<p>k3s servers below v0.9.1 do not recognize the <code>registries.yaml</code> file as described in
the in the beginning, so you will need to embed the contents of that file in a <code>containerd</code> configuration file.
You will have to create your own <code>containerd</code> configuration file at some well-known path like <code>${HOME}/.k3d/config.toml.tmpl</code>, like this:</p>
<details class="registriesprev091"><summary>config.toml.tmpl</summary><div class="highlight"><pre><span></span><code><span class="c1"># Original section: no changes</span>
<span class="k">[plugins.opt]</span>
<span class="n">path</span> <span class="o">=</span> <span class="s">&quot;{{ .NodeConfig.Containerd.Opt }}&quot;</span>
<span class="k">[plugins.cri]</span>
<span class="n">stream_server_address</span> <span class="o">=</span> <span class="s">&quot;{{ .NodeConfig.AgentConfig.NodeName }}&quot;</span>
<span class="n">stream_server_port</span> <span class="o">=</span> <span class="s">&quot;10010&quot;</span>
<span class="p">{{</span><span class="err">-</span> <span class="n">if</span> <span class="p">.</span><span class="n">IsRunningInUserNS</span> <span class="p">}}</span>
<span class="n">disable_cgroup</span> <span class="o">=</span> <span class="kc">true</span>
<span class="n">disable_apparmor</span> <span class="o">=</span> <span class="kc">true</span>
<span class="n">restrict_oom_score_adj</span> <span class="o">=</span> <span class="kc">true</span>
<span class="p">{{</span> <span class="n">end</span> <span class="err">-</span><span class="p">}}</span>
<span class="p">{{</span><span class="err">-</span> <span class="n">if</span> <span class="p">.</span><span class="n">NodeConfig</span><span class="p">.</span><span class="n">AgentConfig</span><span class="p">.</span><span class="n">PauseImage</span> <span class="p">}}</span>
<span class="n">sandbox_image</span> <span class="o">=</span> <span class="s">&quot;{{ .NodeConfig.AgentConfig.PauseImage }}&quot;</span>
<span class="p">{{</span> <span class="n">end</span> <span class="err">-</span><span class="p">}}</span>
<span class="p">{{</span><span class="err">-</span> <span class="n">if</span> <span class="n">not</span> <span class="p">.</span><span class="n">NodeConfig</span><span class="p">.</span><span class="n">NoFlannel</span> <span class="p">}}</span>
<span class="k">[plugins.cri.cni]</span>
<span class="n">bin_dir</span> <span class="o">=</span> <span class="s">&quot;{{ .NodeConfig.AgentConfig.CNIBinDir }}&quot;</span>
<span class="n">conf_dir</span> <span class="o">=</span> <span class="s">&quot;{{ .NodeConfig.AgentConfig.CNIConfDir }}&quot;</span>
<span class="p">{{</span> <span class="n">end</span> <span class="err">-</span><span class="p">}}</span>
<span class="c1"># Added section: additional registries and the endpoints</span>
<span class="k">[plugins.cri.registry.mirrors]</span>
<span class="k">[plugins.cri.registry.mirrors.&quot;&lt;b&gt;registry.localhost:5000&lt;/b&gt;&quot;]</span>
<span class="n">endpoint</span> <span class="o">=</span> <span class="k">[&quot;http://&lt;b&gt;registry.localhost:5000&lt;/b&gt;&quot;]</span>
</code></pre></div>
</details>
<p>and then mount it at <code>/var/lib/rancher/k3s/agent/etc/containerd/config.toml.tmpl</code> (where <code>containerd</code> in your k3d nodes will load it) when creating the k3d cluster:</p>
<div class="highlight"><pre><span></span><code>k3d cluster create mycluster <span class="se">\</span>
--volume <span class="si">${</span><span class="nv">HOME</span><span class="si">}</span>/.k3d/config.toml.tmpl:/var/lib/rancher/k3s/agent/etc/containerd/config.toml.tmpl
</code></pre></div>
<hr>
<div class="md-source-date">
<small>
Last update: <span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">March 11, 2021</span>
</small>
</div>
</article>
</div>
</div>
</main>
<footer class="md-footer">
<nav class="md-footer__inner md-grid" aria-label="Footer">
<a href="../exposing_services/" class="md-footer__link md-footer__link--prev" rel="prev">
<div class="md-footer__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg>
</div>
<div class="md-footer__title">
<div class="md-ellipsis">
<span class="md-footer__direction">
Previous
</span>
Exposing Services
</div>
</div>
</a>
<a href="../calico/" class="md-footer__link md-footer__link--next" rel="next">
<div class="md-footer__title">
<div class="md-ellipsis">
<span class="md-footer__direction">
Next
</span>
Use Calico instead of Flannel
</div>
</div>
<div class="md-footer__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M4 11v2h12l-5.5 5.5 1.42 1.42L19.84 12l-7.92-7.92L10.5 5.5 16 11H4z"/></svg>
</div>
</a>
</nav>
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-footer-copyright">
<div class="md-footer-copyright__highlight">
Copyright &copy; 2020 k3d Authors
</div>
Made with
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
Material for MkDocs
</a>
</div>
</div>
</div>
</footer>
</div>
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "../../..", "features": ["tabs"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing"}, "search": "../../../assets/javascripts/workers/search.fb4a9340.min.js", "version": null}</script>
<script src="../../../assets/javascripts/bundle.5cf3e710.min.js"></script>
<script src="../../../static/js/asciinema-player.js"></script>
</body>
</html>