registry is working!!

registry-ui/config.yml

@@ -0,0 +1,24 @@
+version: 0.1
+log:
+  fields:
+    service: registry
+storage:
+  cache:
+    blobdescriptor: inmemory
+  filesystem:
+    rootdirectory: /var/lib/registry
+http:
+  addr: :5000
+  headers:
+    X-Content-Type-Options: [nosniff]
+    Access-Control-Allow-Origin: ["http://registry-ui.wayl.one"]
+    Access-Control-Allow-Methods: ["HEAD", "GET", "OPTIONS", "DELETE"]
+    Access-Control-Expose-Headers: ["Docker-Content-Digest"]
+    Access-Control-Allow-Credentials: [true]
+    Access-Control-Allow-Headers: ["Accept", "Authorization", "Content-Type", "Access-Control-Allow-Headers", "X-Requested-With"]
+    Access-Control-Max-Age: [1728000]
+health:
+  storagedriver:
+    enabled: true
+    interval: 10s
+    threshold: 3

registry-ui/deployment.yaml

@@ -0,0 +1,269 @@
+apiVersion: v1
+kind: Service
+metadata:
+  annotations:
+    kompose.cmd: kompose convert -o deployment.yaml -n registry --replicas 4
+    kompose.service.expose: registry.wayl.one
+    kompose.service.type: loadbalancer
+    kompose.version: 1.31.2 (a92241f79)
+  creationTimestamp: null
+  labels:
+    io.kompose.service: registry-server-tcp
+  name: registry-server-tcp
+  namespace: registry
+spec:
+  ports:
+    - name: "5000"
+      port: 5000
+      targetPort: 5000
+  selector:
+    io.kompose.service: registry-server
+  type: LoadBalancer
+status:
+  loadBalancer: {}
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  annotations:
+    kompose.cmd: kompose convert -o deployment.yaml -n registry --replicas 4
+    kompose.image-pull-secret: regcred
+    kompose.service.expose: registry-ui.wayl.one
+    kompose.version: 1.31.2 (a92241f79)
+  creationTimestamp: null
+  labels:
+    io.kompose.service: registry-ui
+  name: registry-ui
+  namespace: registry
+spec:
+  ports:
+    - name: "80"
+      port: 80
+      targetPort: 80
+  selector:
+    io.kompose.service: registry-ui
+status:
+  loadBalancer: {}
+
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  creationTimestamp: null
+  name: registry
+  namespace: registry
+spec: {}
+status: {}
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  annotations:
+    kompose.cmd: kompose convert -o deployment.yaml -n registry --replicas 4
+    kompose.service.expose: registry.wayl.one
+    kompose.service.type: loadbalancer
+    kompose.version: 1.31.2 (a92241f79)
+  creationTimestamp: null
+  labels:
+    io.kompose.service: registry-server
+  name: registry-server
+  namespace: registry
+spec:
+  replicas: 4
+  selector:
+    matchLabels:
+      io.kompose.service: registry-server
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      annotations:
+        kompose.cmd: kompose convert -o deployment.yaml -n registry --replicas 4
+        kompose.service.expose: registry.wayl.one
+        kompose.service.type: loadbalancer
+        kompose.version: 1.31.2 (a92241f79)
+      creationTimestamp: null
+      labels:
+        io.kompose.network/registry-ui-default: "true"
+        io.kompose.service: registry-server
+    spec:
+      containers:
+        - env:
+            - name: REGISTRY_AUTH
+              value: htpasswd
+            - name: REGISTRY_AUTH_HTPASSWD_PATH
+              value: /auth/registry.password
+            - name: REGISTRY_AUTH_HTPASSWD_REALM
+              value: Registry
+            - name: REGISTRY_HTTP_HEADERS_Access-Control-Allow-Credentials
+              value: "[true]"
+            - name: REGISTRY_HTTP_HEADERS_Access-Control-Allow-Headers
+              value: "['Accept', 'Authorization', 'Content-Type', 'Access-Control-Allow-Headers', 'X-Requested-With']"
+            - name: REGISTRY_HTTP_HEADERS_Access-Control-Allow-Methods
+              value: "[HEAD,GET,OPTIONS,DELETE]"
+            - name: REGISTRY_HTTP_HEADERS_Access-Control-Allow-Origin
+              value: "[https://registry-ui.wayl.one]"
+            - name: REGISTRY_HTTP_HEADERS_Access-Control-Expose-Headers
+              value: "[Docker-Content-Digest]"
+            - name: REGISTRY_HTTP_HEADERS_Access-Control-Max-Age
+              value: "[17280000]"
+            - name: REGISTRY_STORAGE_DELETE_ENABLED
+              value: "true"
+            - name: REGISTRY_TITLE
+              value: Waylon Walker's Docker Registry
+            - name: REGISTRY_URL
+              value: https://registry.wayl.one
+          image: registry:2.8.2
+          name: registry-server
+          ports:
+            - containerPort: 5000
+              protocol: TCP
+          resources: {}
+          volumeMounts:
+            - mountPath: /var/lib/registry
+              name: registry
+            - mountPath: /auth
+              name: registry-auth
+      restartPolicy: Always
+      volumes:
+        - name: registry
+          persistentVolumeClaim:
+            claimName: registry
+        - name: registry-auth
+          persistentVolumeClaim:
+            claimName: registry-auth
+status: {}
+
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  creationTimestamp: null
+  labels:
+    io.kompose.service: registry
+  name: registry
+  namespace: registry
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 100Mi
+status: {}
+
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  creationTimestamp: null
+  labels:
+    io.kompose.service: registry-auth
+  name: registry-auth
+  namespace: registry
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 100Mi
+status: {}
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  annotations:
+    kompose.cmd: kompose convert -o deployment.yaml -n registry --replicas 4
+    kompose.image-pull-secret: regcred
+    kompose.service.expose: registry-ui.wayl.one
+    kompose.version: 1.31.2 (a92241f79)
+  creationTimestamp: null
+  labels:
+    io.kompose.service: registry-ui
+  name: registry-ui
+  namespace: registry
+spec:
+  replicas: 4
+  selector:
+    matchLabels:
+      io.kompose.service: registry-ui
+  strategy: {}
+  template:
+    metadata:
+      annotations:
+        kompose.cmd: kompose convert -o deployment.yaml -n registry --replicas 4
+        kompose.image-pull-secret: regcred
+        kompose.service.expose: registry-ui.wayl.one
+        kompose.version: 1.31.2 (a92241f79)
+      creationTimestamp: null
+      labels:
+        io.kompose.network/registry-ui-default: "true"
+        io.kompose.service: registry-ui
+    spec:
+      containers:
+        - env:
+            - name: CATALOG_ELEMENTS_LIMIT
+              value: "1000"
+            - name: CATALOG_MAX_BRANCHES
+              value: "1"
+            - name: CATALOG_MIN_BRANCHES
+              value: "1"
+            - name: DELETE_IMAGES
+              value: "true"
+            - name: NGINX_PROXY_PASS_URL
+              value: https://registry.wayl.one
+            - name: REGISTRY_SECURED
+              value: "true"
+            - name: REGISTRY_TITLE
+              value: Waylon Walker's Docker Registry
+            - name: REGISTRY_URL
+              value: https://registry.wayl.one
+            - name: SHOW_CATALOG_NB_TAGS
+              value: "true"
+            - name: SHOW_CONTENT_DIGEST
+              value: "true"
+            - name: SINGLE_REGISTRY
+              value: "true"
+            - name: TAGLIST_PAGE_SIZE
+              value: "100"
+          image: joxit/docker-registry-ui:main
+          name: registry-ui
+          ports:
+            - containerPort: 80
+              protocol: TCP
+          resources: {}
+      imagePullSecrets:
+        - name: regcred
+      restartPolicy: Always
+status: {}
+
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  annotations:
+    kompose.cmd: kompose convert -o deployment.yaml -n registry --replicas 4
+    kompose.image-pull-secret: regcred
+    kompose.service.expose: registry-ui.wayl.one
+    kompose.version: 1.31.2 (a92241f79)
+  creationTimestamp: null
+  labels:
+    io.kompose.service: registry-ui
+  name: registry-ui
+  namespace: registry
+spec:
+  rules:
+    - host: registry-ui.wayl.one
+      http:
+        paths:
+          - backend:
+              service:
+                name: registry-ui
+                port:
+                  number: 80
+            path: /
+            pathType: Prefix
+status:
+  loadBalancer: {}

registry-ui/docker-compose.yml

@@ -0,0 +1,76 @@
+version: "3.8"
+
+services:
+  registry-ui:
+    image: joxit/docker-registry-ui:main
+    restart: always
+    ports:
+      - 80
+    environment:
+      - SINGLE_REGISTRY=true
+      - REGISTRY_TITLE=Waylon Walker's Docker Registry
+      - DELETE_IMAGES=true
+      - SHOW_CONTENT_DIGEST=true
+      - NGINX_PROXY_PASS_URL=https://registry.wayl.one
+      - REGISTRY_URL=https://registry.wayl.one
+      - SHOW_CATALOG_NB_TAGS=true
+      - CATALOG_MIN_BRANCHES=1
+      - CATALOG_MAX_BRANCHES=1
+      - TAGLIST_PAGE_SIZE=100
+      - REGISTRY_SECURED=true
+      - CATALOG_ELEMENTS_LIMIT=1000
+    container_name: registry-ui
+    labels:
+      kompose.service.expose: registry-ui.wayl.one
+      kompose.image-pull-secret: regcred
+      # kompose.service.expose.ingress-class-name: "nginx"
+      # nginx.ingress.kubernetes.io/auth-type: basic
+      # nginx.ingress.kubernetes.io/auth-secret: basic-auth
+      # nginx.ingress.kubernetes.io/auth-realm: "Authentication Required - registry-ui"
+
+  registry-server:
+    image: registry:2.8.2
+    restart: always
+    ports:
+      - 5000
+    environment:
+      REGISTRY_TITLE: Waylon Walker's Docker Registry
+      REGISTRY_URL: https://registry.wayl.one
+      REGISTRY_HTTP_HEADERS_Access-Control-Allow-Origin: "[https://registry-ui.wayl.one]"
+      REGISTRY_HTTP_HEADERS_Access-Control-Allow-Methods: "[HEAD,GET,OPTIONS,DELETE]"
+      REGISTRY_HTTP_HEADERS_Access-Control-Allow-Credentials: "[true]"
+      REGISTRY_HTTP_HEADERS_Access-Control-Allow-Headers: "['Accept', 'Authorization', 'Content-Type', 'Access-Control-Allow-Headers', 'X-Requested-With']"
+      REGISTRY_HTTP_HEADERS_Access-Control-Expose-Headers: "[Docker-Content-Digest]"
+      REGISTRY_HTTP_HEADERS_Access-Control-Max-Age: "[17280000]"
+      REGISTRY_STORAGE_DELETE_ENABLED: "true"
+
+      REGISTRY_AUTH: htpasswd
+      REGISTRY_AUTH_HTPASSWD_REALM: Registry
+      REGISTRY_AUTH_HTPASSWD_PATH: /auth/registry.password
+    volumes:
+      - registry:/var/lib/registry
+      - registry-auth:/auth
+      # - registry-config:/etc/docker/registry
+    container_name: registry-server
+    labels:
+      kompose.service.expose: registry.wayl.one
+      kompose.service.type: loadbalancer
+      # kompose.image-pull-secret: regcred
+      # kompose.service.expose.ingress-class-name: "nginx"
+      # kompose.service.type: nodeport
+
+      # kompose.service.nodeport.port: 30001
+      # nginx.ingress.kubernetes.io/auth-type: basic
+      # nginx.ingress.kubernetes.io/auth-secret: basic-auth
+      # nginx.ingress.kubernetes.io/auth-realm: "Authentication Required - registry-server"
+      # traefik.ingress.kubernetes.io/router.tls: "true"
+      # traefik.ingress.kubernetes.io/buffering: |
+      #   maxrequestbodybytes: 20000000000
+      #   memrequestbodybytes: 20000000000
+      #   maxresponsebodybytes: 20000000000
+      #   memresponsebodybytes: 20000000000
+
+volumes:
+  registry:
+  registry-config:
+  registry-auth:

registry-ui/justfile

@@ -0,0 +1,35 @@
+default: cred convert deploy viz
+update: convert patch
+
+inspect:
+    kubectl apply -f pvc-inspector.yaml
+
+create-ns:
+    kubectl create ns registry
+cred:
+    kubectl get secret -n default regcred --output=yaml -o yaml | sed 's/namespace: default/namespace: registry/' | kubectl apply -n registry -f - && echo deployed secret || echo secret exists
+convert:
+    kompose convert -o deployment.yaml -n registry --replicas 4
+deploy:
+    kubectl apply -f deployment.yaml
+delete:
+    kubectl delete all --all -n registry --timeout=0s
+viz:
+    k8sviz -n registry --kubeconfig $KUBECONFIG -t png -o registry-k8s.png
+restart:
+    kubectl rollout restart -n registry deployment/registry-server
+    kubectl rollout restart -n registry deployment/registry-ui
+
+patch:
+    kubectl patch -f deployment.yaml
+describe:
+    kubectl get deployment -n registry
+    kubectl get rs -n registry
+    kubectl get pod -n registry
+    kubectl get svc -n registry
+    kubectl get ing -n registry
+
+describe-pod:
+    kubectl describe pod -n registry
+logs:
+    kubectl logs --all-containers -l io.kompose.service=registry-wayl-one -n registry -f

registry-ui/pvc-inspector.yaml

@@ -0,0 +1,27 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: pvc-inspector
+  namespace: registry
+spec:
+  containers:
+    - image: registry.wayl.one/devtainer:slim
+      name: pvc-inspector
+      command: ["sleep", "300"]
+      volumeMounts:
+        - mountPath: /pvc-registry
+          name: pvc-registry
+        - mountPath: /pvc-registry-auth
+          name: pvc-registry-auth
+        - mountPath: /pvc-registry-config
+          name: pvc-registry-config
+  volumes:
+    - name: pvc-registry
+      persistentVolumeClaim:
+        claimName: registry
+    - name: pvc-registry-auth
+      persistentVolumeClaim:
+        claimName: registry-auth
+    - name: pvc-registry-config
+      persistentVolumeClaim:
+        claimName: registry-config