https://kubernetes.github.io/ingress-nginx/examples/docker-registry/ https://sueboy.blogspot.com/2019/11/kubernetes-nodeport.html PS：Close basic auth just remark configmap.yml auth: #auth: # htpasswd: # realm: basic-realm # path: /auth/htpasswd README.md # Docker Registry K8s Domain：docker-registry Port:30500 /etc/hosts add 192.168.99.118 docker-registry ## ip is k8s host eth2's ip Finish command： docker login -u username -p password docker-registry:30500 [](https://3.bp.blogspot.com/-Wj82n6nvHkw/XHUVI-gNy7I/AAAAAAAAUE8/rs1l8mQuu8cKvkoMcZGn0lOfJUWY3udMgCLcBGAs/s1600/dockerloginsuccess.jpg) https://docs.docker.com/registry/insecure/ Deploy a plain HTTP registry ---------------------------- ```bash /etc/docker/daemon.json { "insecure-registries" : ["docker-registry:30500"] } Restart Docker for the changes to take effect https://blog.csdn.net/zsd498537806/article/details/79290732 https://serverfault.com/questions/611120/failed-tls-handshake-does-not-contain-any-ip-sans http://dockone.io/article/684 #-subj “/C=/ST=/L=/O=/OU=/CN=192.168.99.118” -subj “/C=/ST=/L=/O=/OU=/CN=docker-registry” ...

1、install Virtualbox 2、donwload & rename minikube.exe & move minikube.exe put file on path C:\minikube add path to system PATH https://storage.googleapis.com/minikube/releases/latest/minikube-windows-amd64.exe 3、download kubectl.exe put file on path C:\minikube https://storage.googleapis.com/kubernetes-release/release/v1.13.0/bin/windows/amd64/kubectl.exe 4、minikube start 5、check virtualbox have new minikube PS：Don’t start minikube with Virtualbox UI. Use cmd >minikube start 6、Run > minikube dashboard 7、Get IP > minikube ip

1. create htpasswd docker run --rm --entrypoint htpasswd registry:2 -Bbn username password > htpasswd docker run --rm --entrypoint htpasswd registry:2 -Bbn test test > htpasswd htpasswd file inside have two records: username & test 2. create registry_config.yml version: 0.1 log: fields: service: registry storage: delete: enabled: true cache: blobdescriptor: inmemory filesystem: rootdirectory: /var/lib/registry http: addr: :5000 headers: X-Content-Type-Options: [nosniff] Access-Control-Allow-Origin: ['*'] Access-Control-Allow-Methods: ['HEAD', 'GET', 'OPTIONS', 'DELETE'] Access-Control-Allow-Headers: ['Authorization'] Access-Control-Max-Age: [1728000] Access-Control-Allow-Credentials: [true] Access-Control-Expose-Headers: ['Docker-Content-Digest'] auth: htpasswd: realm: basic-realm path: /etc/docker/registry/htpasswd Access-Control-Allow-Origin can change you want. ...

https://kkc.github.io/2018/10/04/EKS-notes/ 為什麼需要 EKS 最主要是為了改善維護及升級 k8s cluster 的困難度，一般來說，自己維護的 k8s cluster 必需要很注意 master 的穩定性，而其他痛苦的地方像是升級 kubernetes version (master node)，etcd 的升級，etcd 的備份和還原，另外還有些問題像是有些人忘了更新 certificate ，超過了過期時間後，連不進 master node 的意外。所以在沒有一定大小程度的 kubernetes operation 團隊下，其實蠻推薦大家使用 managed k8s 像是 EKS, GKE, AKS 等等的 solution ，減少其心智負擔。

https://linux.cn/article-10469-1.html https://arp242.net/weblog/dont-need-k8s.html