https://www.digitalocean.com/community/pages/kubernetes-challenge
Description: goal of the project is deploy an internal container registry - Harbor (https://goharbor.io/)
Harbor registry: https://161.35.246.128/ (deprecated)
Small demo: https://youtu.be/yr9I_htGURI
- Creating the kubernetes cluster on Digital Ocean
- Deploy and configure Harbor Helm chart
- Testing the result (+ small demo)
My cluster consists of 3 nodes.
Get the cluster ID:
doctl kubernetes cluster list
Apply kubeconfig by ID:
doctl kubernetes cluster kubeconfig save <cluster_id>
Check the cluster status:
kubectl get nodes
Download harbor Helm chart:
helm repo add harbor https://helm.goharbor.io
helm fetch harbor/harbor --untar
Edit certain fields in values.yaml:
expose:
type: loadBalancer
tls:
enabled: true
certSource: auto
auto:
commonName: "161.35.246.128"
loadBalancer:
name: harbor
IP: "161.35.246.128"
externalURL: https://my.local.harbor
Install chart:
helm install -n harbor harbor .
Check the status:
kubectl get pods -n harbor
Go to https://161.35.246.128 or https://my.local.harbor and log in:
Login: admin
Password: Harbor12345
Create a project:
Set Up certificate:
openssl s_client -connect my.local.cluster:443
Copy certificate to ca.crt:
-----BEGIN CERTIFICATE-----
MIIC6TCC...
-----END CERTIFICATE-----
Apply cert (Windows method):
- Start > "Manage Computer Certificates" (also available in the control panel)
- Right-click on "Trusted Root Certification Authoritites" > "All tasks" > "Import"
- Browse to the crt file and then keep pressing "Next" to complete the wizard
- Restart Docker for Windows
Add exception to docker desktop:
YouTube small demo here -> https://youtu.be/yr9I_htGURI
Use Harbor as an internal registry:
docker login my.local.harbor
or
docker login 161.35.246.128
Pull nginx for example:
docker pull nginx
Tag the nginx image:
docker tag nginx:latest my.local.harbor/daniil/nginx:v2
* where 'daniil' is Harbor project
Push image to Harbor registry:
docker push my.local.harbor/daniil/nginx:v2
Check the result in Harbor project:
