Deploy Mirantis Secure Registry on any Kubernetes (Minikube, EKS, GKE, K0S, etc.)
Note: this blog post was originally published by Avinash Desireddy on Medium. You can view the original post here.
Docker Containers, Kubernetes, CNCF, and many other relevant projects completely changed how we package, ship, and run applications. As you all know, Kubernetes has become a defacto standard for running applications. At the same time, container registries and chart repositories play a crucial role in managing and delivering application packages to those Kubernetes clusters.
Google Container Registry, Docker Hub, Elastic Container Registry, Azure Container Registry, and Mirantis Secure Registry (MSR) are a few well-known registries, which can come in the form of on-prem solutions or hosted services.
In this article, you will learn about:
The capabilities of Mirantis Secure Registry
How to deploy MSR in Minikube
Pushing and pulling images from MSR
Mirantis Secure Registry enables users to store and manage container images and Helm chart repositories, automate development, and secure vulnerability-free images. With the 3.0 release of MSR, the capabilities of MSR exploded with change from the ability to run it only in an enterprise environment to the ability to run it anywhere, locally or on-prem or in the cloud — all you need is a Kubernetes cluster to which you can deploy Helm charts.
Here are a few capabilities of Mirantis Secure Registry:
Helm chart repository
Policy-based image promotion
Caching and mirroring
This is a multi-part series, In part #1 (this article), let us start by setting up MSR in a Minikube cluster to explore its capabilities.
To start, prepare your local workstation with the necessary tooling by following these steps:
Create and Access cluster
Now you’re ready to create the cluster. To do that, follow these steps:
Open a terminal.
Create a minikube cluster with the profile name “devmsr” by typing the following command:
Note: the profile name is optional — the default profile uses minikube as the cluster name
$ minikube start — profile devmsr
This command creates a minikube cluster with the name “devmsr”.
Open Lens → Locate the “devmsr” cluster in the Catalog section.
Select the cluster to connect to it.
Browse around within Lens to view
Integrated Terminal pre-configured with kubectl
Create objects, etc.
Install Mirantis Secure Registry
Now you’re ready to actually install MSR. To do that, follow these steps:
Verify that the Default Storage class is configured by choosing Navigate to Storage → Storage Classes → Check if Default is “Yes”
Install cert-manager on the cluster using the following command in the Lens Terminal tab:
$ kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.3.1/cert-manager.yaml
Wait for the pods to start.
Install the Postgres Operator on the cluster, including the
spilo_parameters, using these commands:
helm repo add postgres-operator https://opensource.zalando.com/postgres-operator/charts/postgres-operator/ helm repo up helm install postgres-operator postgres-operator/postgres-operator \ --set configKubernetes.spilo_runasuser=101 \ --set configKubernetes.spilo_runasgroup=103 \ --set configKubernetes.spilo_fsgroup=103
Wait for the pods to start.
Note: Several pods might restart during the process, but eventually they will succeed.
Accessing Mirantis Secure Registry
Now let’s look at accessing the MSR WebUI. Follow these steps:
Navigate to Network Section → Select Services
Locate “MSR” and Select for more details
Now, select the “HTTPS Forward” button next to the ports in the connection section to open the MSR Web UI in the browser.
The following Web UI will open:
Use the default credentials to log in
Select “Skip Now” or upload the license file if you obtained it from Mirantis.
We have successfully deployed MSR on the minikube cluster.
In the next part, I’ll talk about Repositories, Pushing, and pulling images to MSR.