minikube can't access remote Harbor registry

0
votes

Even start minikube using minikube start --insecure-registry "<HARBOR_HOST_IP>", when tried to run a deployment yaml file which include image path like <HARBOR_HOST_IP>/app/server, got error:

Failed to pull image "[HARBOR_IP]/app/server": rpc error: code = 2 desc = Error response from daemon: {"message":"Get https://[HARBOR_IP]/v1/_ping: dial tcp [HARBOR_IP]:443: getsockopt: connection refused"} Error syncing pod

How to set insecure-registry correctly in minikube?

Edit

Tag current docker image with 80 port:

docker tag server <HARBOR_HOST_IP>:80/app/server

Push it to Harbor registry server:

docker push <HARBOR_HOST_IP>:80/app/server

Unfortunately remote Harbor host denied:

The push refers to a repository [<HARBOR_HOST_IP>:80/app/server]
00491a929c2e: Preparing
ec4cc3fab4be: Preparing
e7d3ac95d998: Preparing
8bb050c3d78d: Preparing
4aa9e88e4148: Preparing
978b58726b5e: Waiting
2b0fb280b60d: Waiting
denied: requested access to the resource is denied

Even added <HARBOR_HOST_IP>:80 to local insecure-registries list.

2
kubernetesdocker-registryminikubeharbor

2 Answers

1
votes

It is working if you always define port 80 when you communicate with your docker registry which works on port 80.

Build an image:

docker build -t <REGISTRY_IP>:80/<name> <path>

Push it to registry:

docker push <REGISTRY_IP>:80/<name>

Start minikube with this insecure registry:

minikube start --insecure-registry <REGISTRY_IP>:80

Create deployment:

kubectl create -f test.yaml

where test.yaml is: 

apiVersion: extensions/v1beta1                                                                                                                                                                          
kind: Deployment                                                                                                                                                                                        
metadata:                                                                                                                                                                                               
  name: test                                                                                                                                                                                     
spec:                                                                                                                                                                                                   
  template:                                                                                                                                                                                             
    metadata:                                                                                                                                                                                           
      labels:                                                                                                                                                                                           
        app: test                                                                                                                                                                                
    spec:                                                                                                                                                                                               
      containers:                                                                                                                                                                                       
      - image: 192.168.1.11:80/<name>                                                                                                                                                    
        name: test                                                                                                                                                                               
        imagePullPolicy: Always
1
votes

Have you added secret in kubernetes? Please refer the link to add secret: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

kubectl create secret docker-registry regcred --docker-server=<your-registry-server> --docker-username=<your-name> --docker-password=<your-pword> --docker-email=<your-email>

Then use the secret in kubernetes yaml.

apiVersion: v1
kind: Pod
metadata:
  name: private-reg
spec:
  containers:
  - name: private-reg-container
    image: <your-private-image>
  imagePullSecrets:
  - name: regcred