🌊
k8sクラスタにnerdctlを使ったプライベートレジストリを構築する
プライベートレジストリを使ってカスタムコンテナを自分のKubernetesクラスタに入れたいので、nerdctlをまずインストールすることになった。
containerd version:
$ containerd --version
containerd github.com/containerd/containerd 1.7.12
nerdctlをダウンロードする:
VERSION=$(curl -sL https://api.github.com/repos/containerd/nerdctl/releases/latest | grep '"tag_name":' | cut -d'"' -f4)
wget https://github.com/containerd/nerdctl/releases/download/${VERSION}/nerdctl-${VERSION#v}-linux-amd64.tar.gz
nerdctlは2.0.3になるが、たぶん大丈夫なはず。
This release of nerdctl is expected to be used with containerd v1.6, v1.7, or v2.0.
$ echo $VERSION
v2.0.3
tar -xzvf nerdctl-${VERSION#v}-linux-amd64.tar.gz
sudo mv nerdctl /usr/local/bin/
sudo chmod +x /usr/local/bin/nerdctl
$ nerdctl --version
nerdctl version 2.0.3
$ sudo nerdctl ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
Output
docker.io/library/registry:2: resolved |++++++++++++++++++++++++++++++++++++++|
index-sha256:319881be2ee9e345d5837d15842a04268de6a139e23be42654fc7664fc6eaf52: done |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:57350583fba19eaab4b4632aafa1537483a390dfd29c5b37c9d59e2467ce1b8e: done |++++++++++++++++++++++++++++++++++++++|
config-sha256:282bd1664cf1fccccf9f225118e31f9352f1f93e4d0ad485c92e74ec6b11ebd1: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:9959184a302f6f95d8be97229fb31def6700b1895b1ee92090129b60e6567820: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:b6afea20d55c46e60901e594cad0651da46b7437cf42a3c27e52d5bd37320165: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:f54a5150a7602eaef3169b83e73d5927b20aef2fcaefcba18b532bd63b328fff: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:c8f4e00e7d3c5ea061e25a18ba6127f79930efbbd3f3deb59c272ca0d6de23c3: done |++++++++++++++++++++++++++++++++++++++|
layer-sha256:665375f3730237f2109d398104a2072e38166ecf5d8316b1464f8a005146384e: done |++++++++++++++++++++++++++++++++++++++|
elapsed: 7.8 s total: 9.7 Mi (1.2 MiB/s)
99a757196b85f0b5470d774a035ec0b2da340947a3581fd2009a3a01966709a5
buildkitをインストールする
# Fetch the latest release version dynamically
LATEST_VERSION=$(curl -s https://api.github.com/repos/moby/buildkit/releases/latest | grep -oP '"tag_name": "\K(.*?)(?=")')
# Download the latest BuildKit release
wget "https://github.com/moby/buildkit/releases/download/${LATEST_VERSION}/buildkit-${LATEST_VERSION}.linux-amd64.tar.gz"
# Extract and install
sudo tar -C /usr/local -xzf "buildkit-${LATEST_VERSION}.linux-amd64.tar.gz"
rm "buildkit-${LATEST_VERSION}.linux-amd64.tar.gz"
sudo buildkitd &
$ buildctl --version
buildctl github.com/moby/buildkit v0.19.0 3637d1b15a13fc3cdd0c16fcf3be0845ae68f53d
今回使うDockerfile
# Use the official PHP image with Apache (built-in web server)
FROM php:8.2-apache
# Set the working directory to the web root
WORKDIR /var/www/html
# Copy the PHP source code into the container
COPY src/ /var/www/html/
# Ensure correct permissions for execution
RUN chmod -R a+rx /var/www/html
# Expose port 80 for web traffic
EXPOSE 80
# Start Apache in foreground mode
CMD ["apache2-foreground"]
phpファイル
<?php
$x = 0.0001;
for ($i = 0; $i <= 2000; $i++) {
$x += sqrt($x);
}
echo "OK\n";
?>
sudo nerdctl build -t greenteabiscuit/web-php:latest .
Output
...
unpacking docker.io/greenteabiscuit/web-php:latest (sha256:99a8d6c74db306b20a10394a641d076b2f3c0b04539aa6085be018cf7b159899)...
Loaded image: docker.io/greenteabiscuit/web-php:latest
docker hub login:
sudo nerdctl login docker.io
イメージにタグをつけ、プッシュする:
sudo nerdctl tag greenteabiscuit/web-php:latest docker.io/<your-username>/web-php:latest
sudo nerdctl push docker.io/<your-username>/web-php:latest
確認:
$ kubectl get pods -o wide
web-php-7ff76d6c6c-n7b8n 1/1 Running 0 2m58s 10.244.1.32 node01 <none> <none>
結局ローカルレジストリはHTTPSの関係でいつまでたっても走らなかったのでDocker Hubを使うことにしたのだった。
Discussion