Skip to content
/ image-proxy-cache-harbor Public

A demo for my blog post about how to implementa a proxy-cache to avoid facing rate-limit pulls of Dockehub

felipetrindade.com/proxy-cache-harbor/
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

felipelaptrin/image-proxy-cache-harbor

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
apps
apps
 
 
harbor
harbor
 
 
ingress-nginx
ingress-nginx
 
 
metallb
metallb
 
 
terraform
terraform
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
devbox.json
devbox.json
 
 
devbox.lock
devbox.lock
 
 
kind.yaml
kind.yaml
 
 

Repository files navigation

image-proxy-cache-harbor

This is a demo repository to support my Image proxy cache using Harbor blog post. The idea is to use Harbor to proxy-cache images and reduce calls to DockerHub.

Running this demo

Make sure you have devbox and docker installed.

  1. Create a Docker network for the Kind cluster
docker network create --subnet 172.100.0.0/16 custom-kind-network
  1. Install dependencies
devbox run init

This will create a Kind cluster, and install Metallb, Ingress NGINX and Harbor. This will take a few minutes because it waits for all these tools to get ready.

  1. Configure Harbor project
devbox run proxy-cache
  1. Create Kubernetes secrets for registry credentials
kubectl create secret -n default docker-registry regcred-harbor \
  --docker-server=harbor.ingress.local \
  --docker-username=admin \
  --docker-password=admin
  1. Allow insecure registries

SSH into the Kubernetes node

docker exec -it kind-worker bash

Then run

apt-get update
apt install vim -y
vim /etc/containerd/config.toml

Add the following lines to the file

[plugins."io.containerd.grpc.v1.cri".registry]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
  [plugins."io.containerd.grpc.v1.cri".registry.mirrors."harbor.ingress.local"]
    endpoint = ["https://harbor.ingress.local"]
  [plugins."io.containerd.grpc.v1.cri".registry.configs."harbor.ingress.local".tls]
    insecure_skip_verify = true
[plugins."io.containerd.grpc.v1.cri".registry.configs."harbor.ingress.local".auth]
  username = "admin"
  password = "admin"

Finally restart containerd

systemctl restart containerd
exit
  1. Deploy an application that uses Kustomize
devbox run app-with-kustomize
  1. Deploy an application that uses Helm Chart
devbox run app-with-helm
  1. Add Harbor URL to /etc/hosts
INGRESS_LB_IP=$(kubectl get svc ingress-nginx-controller -n ingress-nginx -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo "$INGRESS_LB_IP harbor.ingress.local" | sudo tee -a /etc/hosts
  1. Access Harbor UI

Access https://harbor.ingress.local and use admin as username and admin as password. Notice that a project called proxy_cache was created and have 2 repositories caches.

  1. Destroy everything
devbox run destroy

About

A demo for my blog post about how to implementa a proxy-cache to avoid facing rate-limit pulls of Dockehub

felipetrindade.com/proxy-cache-harbor/

Topics

blog kubernetes terraform helm devbox harbor metallb ingress-nginx opentofu

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages