1.docker-ui.yml
apiVersion: apps/v1
kind: Deployment
metadata:
name: docker-registry-deployment
labels:
app: registry
env: prod
spec:
replicas: 1
selector:
matchLabels:
app: docker-registry
env: prod
template:
metadata:
labels:
app: docker-registry
env: prod
spec:
containers:
- name: docker-registry-container
image: registry:2
imagePullPolicy: IfNotPresent
env:
- name: REGISTRY_STORAGE_DELETE_ENABLED
value: "true"
resources:
requests:
memory: "256Mi"
cpu: "200m"
limits:
memory: "512Mi"
cpu: "200m"
volumeMounts:
- name: registry-data
mountPath: /var/lib/registry
- name: config-yml
mountPath: /etc/docker/registry/config.yml
subPath: config.yml
ports:
- containerPort: 5000
volumes:
- name: registry-data
nfs:
server: 192.168.0.184
path: "/opt/nfs1/docker_registry"
- name: config-yml
configMap:
name: docker-registry-conf
---
kind: ConfigMap
apiVersion: v1
metadata:
name: docker-registry-conf
data:
config.yml: |+
version: 0.1
log:
fields:
service: registry
storage:
filesystem:
rootdirectory: /var/lib/registry
http:
addr: 0.0.0.0:5000
secret: asecretforlocaldevelopment
headers:
X-Content-Type-Options: [nosniff]
health:
storagedriver:
enabled: true
interval: 10s
threshold: 3
---
kind: Service
apiVersion: v1
metadata:
name: docker-registry-service
labels:
app: docker-registry
env: prod
spec:
selector:
app: docker-registry
env: prod
ports:
- name: docker-registry
protocol: TCP
port: 5000
targetPort: 5000
#Docker ui
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: docker-ui-deployment
labels:
app: dockerui
env: prod
spec:
replicas: 1
selector:
matchLabels:
app: dockerui
env: prod
template:
metadata:
labels:
app: dockerui
env: prod
spec:
containers:
- name: dockerui-container
image: joxit/docker-registry-ui:static
imagePullPolicy: IfNotPresent
env:
- name: REGISTRY_URL
value: "http://docker-registry-service:5000"
- name: DELETE_IMAGES
value: "true"
- name: REGISTRY_TITLE
value: "Docker-UI"
resources:
requests:
memory: "512Mi"
cpu: "200m"
limits:
memory: "512Mi"
cpu: "200m"
ports:
- containerPort: 80
---
kind: Service
apiVersion: v1
metadata:
name: dockerui-service
labels:
app: dockerui
env: prod
spec:
selector:
app: dockerui
env: prod
ports:
- name: dockerui
protocol: TCP
port: 80
targetPort: 80
nodePort: 30005
type: NodePort2.Apache proxy rule
htpasswd -c /etc/httpd/admin-htpasswd admin
<VirtualHost *:80>
ServerName docker.initedit.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =docker.initedit.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>
<VirtualHost *:443>
<Location />
AuthName authorization
AuthType Basic
require valid-user
AuthUserFile '/etc/httpd/admin-htpasswd'
</Location>
ServerName docker.initedit.com
AllowEncodedSlashes on
RewriteEngine on
SSLEngine On
SSLProxyEngine On
ProxyPreserveHost On
RequestHeader set X-Forwarded-Proto "https"
ProxyPass / http://192.168.0.183:30005/
ProxyPassReverse / http://192.168.0.183:30005/
SSLCertificateFile /etc/letsencrypt/live/docker.initedit.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/docker.initedit.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/docker.initedit.com/fullchain.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
Note: Add htpasswd for basic authentication
docker tag docker.io/busybox docker.initedit.com/busybox1docker push docker.initedit.com/busybox1
3. You can delete from UI and also using docker_reg_tool. After deleting you need to run below command inside registry container to remove it completely
docker exec -it name_of_registory_container bin/registry garbage-collect /etc/docker/registry/config.yml