zot fixes
This commit is contained in:
parent
fadfdbd8c0
commit
46d94f6052
@ -14,3 +14,5 @@ spec:
|
||||
name: flux-system
|
||||
namespace: flux-system
|
||||
wait: true
|
||||
dependsOn:
|
||||
- name: core
|
||||
|
||||
@ -1,24 +0,0 @@
|
||||
{
|
||||
"storage": { "rootDirectory": "/var/lib/registry" },
|
||||
"log": { "level": "info" },
|
||||
"http": {
|
||||
"address": "0.0.0.0",
|
||||
"port": "5000",
|
||||
"auth": {
|
||||
"htpasswd": { "path": "/etc/zot/htpasswd" }
|
||||
},
|
||||
"accessControl": {
|
||||
"repositories": {
|
||||
"**": {
|
||||
"anonymousPolicy": ["read"],
|
||||
"policies": [
|
||||
{
|
||||
"users": ["bstein"],
|
||||
"actions": ["create", "update", "delete"]
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
32
services/zot/configmap.yaml
Normal file
32
services/zot/configmap.yaml
Normal file
@ -0,0 +1,32 @@
|
||||
# services/zot/configmap.yaml
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: zot-config
|
||||
namespace: zot
|
||||
data:
|
||||
config.json: |
|
||||
{
|
||||
"storage": { "rootDirectory": "/var/lib/registry" },
|
||||
"http": {
|
||||
"address": "0.0.0.0",
|
||||
"port": "5000",
|
||||
"auth": {
|
||||
"htpasswd": {
|
||||
"path": "/etc/zot/htpasswd",
|
||||
"realm": "zot"
|
||||
}
|
||||
},
|
||||
"accessControl": {
|
||||
"repositories": [
|
||||
{
|
||||
"pattern": "**",
|
||||
"policies": [
|
||||
{ "users": ["*"], "actions": ["read"] }
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"log": { "level": "info" }
|
||||
}
|
||||
@ -17,41 +17,50 @@ spec:
|
||||
kubernetes.io/arch: arm64
|
||||
containers:
|
||||
- name: zot
|
||||
image: ghcr.io/project-zot/zot-linux-arm64:v2.1.7
|
||||
image: ghcr.io/project-zot/zot-linux-arm64:latest
|
||||
imagePullPolicy: IfNotPresent
|
||||
args: ["serve", "/etc/zot/config.json"]
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: 5000
|
||||
- { name: http, containerPort: 5000 }
|
||||
volumeMounts:
|
||||
- name: cfg
|
||||
mountPath: /etc/zot/config.json
|
||||
subPath: config.json
|
||||
readOnly: true
|
||||
- name: htpasswd
|
||||
mountPath: /etc/zot/htpasswd
|
||||
subPath: htpasswd
|
||||
readOnly: true
|
||||
- name: zot-data
|
||||
mountPath: /var/lib/registry
|
||||
- name: cfg
|
||||
mountPath: /etc/zot
|
||||
readinessProbe:
|
||||
tcpSocket: { port: 5000 }
|
||||
httpGet:
|
||||
path: /v2/
|
||||
port: http
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 10
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /v2/
|
||||
port: http
|
||||
initialDelaySeconds: 15
|
||||
periodSeconds: 20
|
||||
resources:
|
||||
requests:
|
||||
cpu: "50m"
|
||||
memory: "64Mi"
|
||||
limits:
|
||||
memory: "256Mi"
|
||||
cpu: 50m
|
||||
memory: 64Mi
|
||||
volumes:
|
||||
- name: cfg
|
||||
configMap:
|
||||
name: zot-config
|
||||
items:
|
||||
- key: config.json
|
||||
path: config.json
|
||||
- name: htpasswd
|
||||
secret:
|
||||
secretName: zot-htpasswd
|
||||
- name: zot-data
|
||||
persistentVolumeClaim:
|
||||
claimName: zot-data
|
||||
- name: cfg
|
||||
projected:
|
||||
sources:
|
||||
- configMap:
|
||||
name: zot-config
|
||||
items:
|
||||
- key: config.json
|
||||
path: config.json
|
||||
- secret:
|
||||
name: zot-htpasswd
|
||||
items:
|
||||
- key: htpasswd
|
||||
path: htpasswd
|
||||
|
||||
|
||||
|
||||
@ -5,13 +5,7 @@ resources:
|
||||
- namespace.yaml
|
||||
- pvc.yaml
|
||||
- deployment.yaml
|
||||
- configmap.yaml
|
||||
- service.yaml
|
||||
- ingress.yaml
|
||||
|
||||
configMapGenerator:
|
||||
- name: zot-config
|
||||
files:
|
||||
- config.json=config.json
|
||||
|
||||
generatorOptions:
|
||||
disableNameSuffixHash: true
|
||||
|
||||
@ -10,3 +10,4 @@ spec:
|
||||
resources:
|
||||
requests:
|
||||
storage: 25Gi
|
||||
storageClassName: asteria
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user