registry 설정

[push]

docker

# 80 port로 서비스
# /etc/docker/daemon.json
{
  "insecure-registries": ["{도메인}"]
}

 

dns

# 데이터 전송속도가 빨라짐
# 이걸 안하면 외부로 돌기 때문에 겁나게 느림
{도메인} {ingress external IP}

[select]

nginx

# registry 내용 확인용
    server {
        listen 443;
        listen [::]:443;
        server_name {도메인}
        client_max_body_size 0;

        location / {
                proxy_pass http://{ingress external IP};
                proxy_set_header Host $host;
                proxy_pass_request_headers    on;
                #proxy_ssl_server_name on;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                #proxy_set_header X-Forwarded-Host $server_name;
                proxy_set_header X-Forwarded-For-Proto $scheme;
                #proxy_set_header X-Forwarded-Ssl off;
                proxy_request_buffering off;
        }
        
        ...

[pull]

containerd

sudo vi /etc/containerd/config.toml

# registry 도메인 https 예외처리
      [plugins."io.containerd.grpc.v1.cri".registry.mirrors."{도메인}"]
        endpoint = ["http://{도메인}"]
        
# 이 설정이 없으면 발생하는 에러
Failed to pull image "{도메인}/{이미지}:{태그}": failed to pull and unpack image "{도메인}/{이미지}:{태그}": failed to resolve reference "{도메인}/{이미지}:{태그}": failed to do request: Head "https://{도메인}r/v2/{이미지}/manifests/{태그}": tls: failed to verify certificate: x509: certificate is valid for ingress.local, not {도메인}