2 Deployment #
The following procedures describe how to deploy SUSE Private Registry (Private Registry) on a Kubernetes cluster.
2.1 Prerequisites #
A Kubernetes cluster version 1.20 or higher
Helm version 3.2.0 or higher
Persistent Volume (PV) provisioner support in your infrastructure
An active subscription for SUSE Private Registry
2.2 Obtaining Kubernetes secrets from the SUSE Customer Center #
To download and install the Private Registry images from SUSE Registry, you need a Kubernetes secret with SUSE Customer Center (SCC) mirroring credentials. To obtain the credentials from SCC, follow these steps:
Visit SUSE Customer Center at https://scc.suse.com and log in.
Select the organization with an active Private Registry subscription from the left sidebar.
Select
Proxies
in the top menu. The credentials are displayed in the top right corner.To see the password, click the 'eye' icon.
Create a
password.txt
file containing the obtained password.$ head -1 ./password.txt | helm registry login registry.suse.com \ --username <PRIVATE_REGISTRY_USERNAME> --password-stdin
Create a namespace for SUSE Registry.
$ kubectl create namespace <PRIVATE_REGISTRY_NAMESPACE>
Store the mirroring credentials retrieved from SCC as Kubernetes secrets by running the following command:
$ kubectl create secret docker-registry suse-registry \ --namespace <PRIVATE_REGISTRY_NAMESPACE> \ --docker-server=registry.suse.com \ --docker-username=<PRIVATE_REGISTRY_USERNAME> \ --docker-password=$(head -1 ./password.txt)
Optionally, to use TLS encrypted communication, create a TLS secret from your private key and certificate files.
$ kubectl create secret tls suse-registry-tls \ --namespace <PRIVATE_REGISTRY_NAMESPACE> \ --cert=<CERTIFICATE>.pem \ --key=<PRIVATE_KEY>.pem
2.3 Installing and running Private Registry using Helm #
The following procedure describes how to install Private Registry using Helm.
Replace <RELEASE_NAME>
with your custom release name for the Helm chart deployment.
Log in to SUSE Registry using the obtained SCC mirroring credentials.
Install the latest version of the Private Registry Helm chart. To override the default installation with custom values from the
suse_registry_override.yaml
file`, refer to Appendix A, Overriding the SUSE Private Registry Helm chart.$ helm install <RELEASE_NAME> \ oci://registry.suse.com/private-registry/private-registry-helm \ --namespace <PRIVATE_REGISTRY_NAMESPACE>
The command starts deploying several related containers and may take several minutes to complete. It also prints a message with the URL to the {productnameshort} Web portal and commands to obtain the administrator credentials.
2.4 Upgrading Private Registry #
To upgrade the release of the Helm chart to a specific newer version, run the following command:
$ helm upgrade <RELEASE_NAME> \ oci://registry.suse.com/private-registry/private-registry-helm --version <NEW_VERSION_OF_HELM_CHART>> -namespace <PRIVATE_REGISTRY_NAMESPACE>