Deploy Mirantis Secure Registry on any Kubernetes (Minikube, EKS, GKE, K0S, etc.)

Avinash Desireddy - January 19, 2022 - , , , ,

Note: this blog post was originally published by Avinash Desireddy on Medium. You can view the original post here.

Docker Containers, Kubernetes, CNCF, and many other relevant projects completely changed how we package, ship, and run applications. As you all know, Kubernetes has become a defacto standard for running applications. At the same time, container registries and chart repositories play a crucial role in managing and delivering application packages to those Kubernetes clusters.

Google Container Registry, Docker Hub, Elastic Container Registry, Azure Container Registry, and Mirantis Secure Registry (MSR) are a few well-known registries, which can come in the form of on-prem solutions or hosted services.

In this article, you will learn about:

  • The capabilities of Mirantis Secure Registry
  • How to deploy MSR in Minikube
  • Pushing and pulling images from MSR

Mirantis Secure Registry enables users to store and manage container images and Helm chart repositories, automate development, and secure vulnerability-free images. With the 3.0 release of MSR, the capabilities of MSR exploded with change from the ability to run it only in an enterprise environment to the ability to run it anywhere, locally or on-prem or in the cloud — all you need is a Kubernetes cluster to which you can deploy Helm charts.

Here are a few capabilities of Mirantis Secure Registry:

  • Access control
  • Security scanning
  • Repository automation
  • Image management
  • Helm chart repository
  • Policy-based image promotion
  • Caching and mirroring

This is a multi-part series, In part #1 (this article), let us start by setting up MSR in a Minikube cluster to explore its capabilities.

To start, prepare your local workstation with the necessary tooling by following these steps:

Create and Access cluster

Now you’re ready to create the cluster. To do that, follow these steps:

  • Open a terminal.
  • Create a minikube cluster with the profile name “devmsr” by typing the following command:

Note: the profile name is optional — the default profile uses minikube as the cluster name

$ minikube start — profile devmsr

This command creates a minikube cluster with the name “devmsr”.

msr minikube cluster
  • Open Lens → Locate the “devmsr” cluster in the Catalog section.
connecting devmsr cluster via Lens UI
  • Select the cluster to connect to it.
devmsr cluster is connected via Lens UI
  • Browse around within Lens to view
    • Cluster configurations
    • Integrated Terminal pre-configured with kubectl
    • Cluster metrics
    • Create objects, etc.

Learn more about Lens here.

Install Mirantis Secure Registry

Now you’re ready to actually install MSR. To do that, follow these steps:

  • Verify that the Default Storage class is configured by choosing Navigate to StorageStorage ClassesCheck if Default is “Yes”
finding and selecting the correct storage class via Lens UI
$ kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.3.1/cert-manager.yaml
  • Wait for the pods to start.
workloads overview tab from Lens UI
helm repo add postgres-operator https://opensource.zalando.com/postgres-operator/charts/postgres-operator/
helm repo up
helm install postgres-operator postgres-operator/postgres-operator \
--set configKubernetes.spilo_runasuser=101 \
--set configKubernetes.spilo_runasgroup=103 \
--set configKubernetes.spilo_fsgroup=103
  • Wait for the pods to start.
waiting for pods to start after installing Postgres Operator
  • Install MSR on the cluster using this command:
helm install msr msr \
--repo https://registry.mirantis.com/charts/msr/msr \
--version 1.0.0
  • Wait for the pods to start:
installing msr on the cluster via the Lens UI

Note: Several pods might restart during the process, but eventually they will succeed.

Installing msr to your cluster via Lens UI

Accessing Mirantis Secure Registry

Now let’s look at accessing the MSR WebUI. Follow these steps:

  • Navigate to Network Section → Select Services
  • Locate “MSR” and Select for more details
Network section of Lens UiI with view of available network services
  • Now, select the “HTTPS Forward” button next to the ports in the connection section to open the MSR Web UI in the browser.
highlighting the "Forward" button from Network Services section of Lens UI
  • The following Web UI will open:
sign in page via the MSR Web UI
  • Use the default credentials to log in
    • Username: admin
    • Password: password
  • Select “Skip Now” or upload the license file if you obtained it from Mirantis.
Repository home screen via MSR Web UI

We have successfully deployed MSR on the minikube cluster.

In the next part, I’ll talk about Repositories, Pushing, and pulling images to MSR.

For more information on Mirantis Secure Registry (MSR), check out our product page or try it for yourself today.

banner-img
From Virtualization to Containerization
Learn how to move from monolithic to microservices in this free eBook
Download Now
Radio Cloud Native – Week of May 11th, 2022

Every Wednesday, Nick Chase and Eric Gregory from Mirantis go over the week’s cloud native and industry news. This week they discussed: Docker Extensions Artificial Intelligence shows signs that it's reaching the common person Google Cloud TPU VMs reach general availability Google buys MobileX, folds into Google Cloud NIST changes Palantir is back, and it's got a Blanket Purchase Agreement at the Department of Health and Human …

Radio Cloud Native – Week of May 11th, 2022
Where do Ubuntu 20.04, OpenSearch, Tungsten Fabric, and more all come together? In the latest Mirantis Container Cloud releases!

In the last several weeks we have released two updates to Mirantis Container Cloud - versions 2.16 and 2.17, which bring a number of important changes and enhancements. These are focused on both keeping key components up to date to provide the latest functionality and security fixes, and also delivering new functionalities for our customers to take advantage of in …

Where do Ubuntu 20.04, OpenSearch, Tungsten Fabric, and more all come together? In the latest Mirantis Container Cloud releases!
Monitoring Kubernetes costs using Kubecost and Mirantis Kubernetes Engine [Transcript]

Cloud environments & Kubernetes are becoming more and more expensive to operate and manage. In this demo-rich workshop, Mirantis and Kubecost demonstrate how to deploy Kubecost as a Helm chart on top of Mirantis Kubernetes Engine. Lens users will be able to visualize their Kubernetes spend directly in the Lens desktop application, allowing users to view spend and costs efficiently …

Monitoring Kubernetes costs using Kubecost and Mirantis Kubernetes Engine [Transcript]
FREE EBOOK!
Service Mesh for Mere Mortals
A Guide to Istio and How to Use Service Mesh Platforms
DOWNLOAD
Technical training
Learn Kubernetes & OpenStack from Deployment Experts
Prep for certification!
View schedule
Mirantis Webstore
Purchase Kubernetes support
SHOP NOW