# 1. 拉取代码
$ git clone https://github.com/wzshiming/crproxy.git
$ cd crproxy/examples/default
# 2. 修改网关域名
使用vim编辑start.sh文件,将第五行的gateway变量值修改为你自己设定的域名。
原:gateway=cr.zsm.io
修改为:gateway=XS.rapha.top #改成你自己的域名
# 3. 启动服务
$ ./start.sh
# 4. 拉取镜像示例
如果域名为xs.rapha.top,可以通过添加前缀的方式拉取镜像
$ docker pull xs.rapha.top/registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.1
# 5. 设置别名
如果需要使用前缀替换方式拉取镜像,需要执行setup-alias.sh脚本,并为别名申请证书。
# 6. 重启服务
$ ./reload.sh
这个方式在k8s中不太实用。
推荐别名方式
第一个参数前缀替换的域名 第一个参数是源站的域名 第三个参数是在start.sh脚本里配置的网关域名
./setup-alias.sh k8s-gcr.rapha.top k8s.gcr.io xs.rapha.top
为别名申请证书
update-tls.sh k8s-gcr.rapha.top
最后这样
GETEWAY=rapha.top
DM=xs.rapha.top
./setup-alias.sh docker.${GETEWAY} docker.io ${DM}
./setup-alias.sh gcr.${GETEWAY} gcr.io ${DM}
./setup-alias.sh ghcr.${GETEWAY} ghcr.io ${DM}
./setup-alias.sh k8s-gcr.${GETEWAY} k8s.gcr.io ${DM}
./setup-alias.sh k8s.${GETEWAY} registry.k8s.io ${DM}
./setup-alias.sh quay.${GETEWAY} quay.io ${DM}
./update-tls.sh docker.${GETEWAY}
./update-tls.sh gcr.${GETEWAY}
./update-tls.sh ghcr.${GETEWAY}
./update-tls.sh k8s-gcr.${GETEWAY}
./update-tls.sh k8s.${GETEWAY}
./update-tls.sh quay.${GETEWAY}
./reload.sh
k8s中使用
apiVersion: v1
kind: Namespace
metadata:
name: registry-proxy
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: registry-proxy
namespace: registry-proxy
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: registry-proxy
rules:
- apiGroups: [""]
resources: ["namespaces", "configmaps", "secrets"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: ["admissionregistration.k8s.io"]
resources: ["mutatingwebhookconfigurations"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: registry-proxy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: registry-proxy
subjects:
- kind: ServiceAccount
name: registry-proxy
namespace: registry-proxy
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: registry-proxy
namespace: registry-proxy
spec:
selector:
matchLabels:
app: registry-proxy
template:
metadata:
labels:
app: registry-proxy
spec:
serviceAccountName: registry-proxy
containers:
- name: registry-proxy
image: registry.cn-hangzhou.aliyuncs.com/ketches/registry-proxy:v1.2.0
imagePullPolicy: Always
resources:
requests:
memory: "64Mi"
cpu: "50m"
limits:
memory: "256Mi"
cpu: "200m"
ports:
- containerPort: 443
---
apiVersion: v1
kind: Service
metadata:
name: registry-proxy
namespace: registry-proxy
spec:
selector:
app: registry-proxy
ports:
- port: 443
targetPort: 443
type: ClusterIP
会生成一个configmap
#编辑
kubectl edit cm -n registry-proxy registry-proxy-config
添加你域名
![[next.js] svgr/webpack](https://img-blog.csdnimg.cn/direct/d496cd86e8b741ce8f21bccb74950d42.png)
