How do I allow the use of a private unsafe registry inside a node minicube?
I know there are about a thousand answers to various permutations of this question, but none of the fifteen or so I've tried have worked.
I am working on Mac OS Sierra and using Minikube 0.17.1 as well as kubectl 1.5.3.
We run our own private Docker registry which is insecure as it is not open to the internet. (This is not my choice or my control, so it is not open to discussion). This is my first foray into Kubernete and dance orchestration in general. I also have a very intermediate level of knowledge about Docker in general, so I'll drown myself in the terminology / platform soup here.
When I do
kubectl run perf-ui --image=X.X.X.X/performance/perf-ui:master
I see
Image error for XXXX / performance / perf-ui: master, this could be due to missing credentials for this request. details: (Error response from daemon: Get https: // XXXX / v1 / _ping : type tcp XXXX: 443: getsockopt: connection refused)
We have an Ubuntu window accessing the same registry (not using Kubernetes, just Docker) that works great. This is probably due to
DOCKER_OPTS = "- insecure-registry XXXX"
located in / etc / default / docker.
I made similar changes using the Docker for Mac UI. I don't know where this change is saved in the config file. After this change, docker pulled on my laptop !!! Again, this is just using Docker, not Kubernetes. The interesting thing is that I got the same "Connection Failure Error" (as it tries to access over HTTPS) on my Mac when I got into VM Minikube and it worked after changing the traction. I feel like I am there.
After sshing into minikube (VM created my minikube launch) using
minikube ssh
I added the following content to / var / lib / boot 2docker / profile
export EXTRA_ARGS="$EXTRA_ARGS --insecure-registry 10.129.100.3
export DOCKER_OPTS="$DOCKER_OPTS --insecure-registry 10.129.100.3
As you can conclude, nothing worked. I know I have tried other things, but they failed too.
I know this is not the most detailed explanation, but I've been digging into this for 4 hours already.
The bottom line is the docker runners running our Ubuntu box with the correct config file set up and from my Mac with the correct set up.
How do I enable the same setting in my "Linux 2.6" VM created by Minikube?
If anyone knows the answer, I will be forever grateful.
Thank you in advance!
source to share
Thanks Janos for an alternative solution. I'm sure this is the right choice for some use cases.
It turns out I needed a good night's sleep and the following command to start Minikube in the first place:
minikube start --insecure-registry="X.X.X.X"
PS Don't forget to add ": port" if needed. This is not the case for me.
In the end, it was actually talking about Docker using an insecure registry, but it was not clear how to tell Docker that when I was not directly controlling it.
I know it sounds simple, but after you've tried a hundred things, you're almost hallucinating, so you're not in a great position to make rational decisions. I apologize for the stupid post, but I bet it will help at least one person one day, making him worthy.
Thank you SO!
source to share
You can use kube-registry-proxy (some configuration required): https://github.com/kubernetes/kubernetes/blob/master/cluster/saltbase/salt/kube-registry-proxy/kube-registry-proxy.yaml
Then you can refer to localhost:5050
both your registry. The trick is that it is localhost
allowed as an insecure registry by default.
source to share