This article is not available in English, view it in Korean

Image Registry - Public Project Management

Print

The Image Registry service is provided using the open source project Harbor. It provides storage functions and user authentication functions for Docker Image management.

You can create a Public/Private project to manage images in order to provide services to multiple users. For additional information, refer to the guide below or the user guide on the open source project site.

To use the service, click Image Registry in the ZCP Console side menu.

TABLE OF CONTENTS

Create an account

Cluster administrators can register arbitrary users directly. After logging in as an administrator, click the Administration > Users > NEW USER button as shown below.


Enter the user information as shown below and click the OK button to create the user.

Create a public project

You can separate the image storage by project. You can set the project type to Public or Private, and there are the following differences.

User DistinctionauthorityPublicPrivate
Anonymous userPull (Read)OX
Push (Write)XX
Login UserPull (Read)OX
Push (Write)XX

Select the Projects menu and click the NEW PROJECT button.

Enter the Project Name, check the Public menu, and click the OK button.

If you check Public in the Access level, anyone can see the project. However, you must be a project member to push images.

If you do not check Public in the Access level, it will be created as Private and anyone who is not a project member will not be able to see the project.

This is what the project looks like when it's created.

Click on the Project name and click on the PUSH IMAGE menu on the right to see the docker command to upload an image to this project.

Push Image to Project

With Docker Client...

Log in to the Image Registry

To push an image to a public project or pull or push an image to a private project, you must log in to the Image Registry.

You can log in immediately by executing the following command. You must be registered as a project member to log in.

$ docker login [IMAGE_REGISTRY_URL] Username:                           # Image Registry 사용자 계정 Password:                           # Image Registry 사용자 비밀번호

Push Image

The method for pushing using the Docker command is the same as the existing method for pushing an image. You must perform docker login before pushing.

# 이미지 Tag를 생성합니다. $ docker tag SOURCE_IMAGE[:TAG] [IMAGE_REGISTRY_URL]/[프로젝트명]/IMAGE[:TAG] 

# 이미지를 Push 합니다. $ docker push [IMAGE REGISTRY URL]/[프로젝트명]/IMAGE[:TAG]

Pull Image

To pull using the Docker command, simply enter an accessible image.

$ docker pull [IMAGE_REGISTRY_URL]/[프로젝트명]/IMAGE[:TAG]


In a Kubernetes Pod...

Creating and registering an ImagePullSecret

When using Private Image Registry in Kubernetes Pod, you need to handle authentication like Docker login. For this, use ImagePullSecret.

Check the Secret created in the namespace with the command below.

$ kubectl get secret --namespace my-namespace NAME                  TYPE                                  DATA      AGE my-docker-secret      kubernetes.io/dockerconfigjson        1         1d my-tls-secret         kubernetes.io/tls                     2         1d

To create a Pod, add a Secret name to imagePullSecrets as shown below, and you can use the image when creating a Pod.

apiVersion: v1 kind: Pod metadata:  name: private-reg spec:  containers:  - name: private-reg-container    image: [IMAGE_REGISTRY_URL]/[프로젝트명]/IMAGE[:TAG]  imagePullSecrets:  - name: my-docker-secret

Project Member Management

To view a project or push an image, you must be registered as a project member.

You can add a member by entering the project as shown in the screen, clicking the Members tab, and pressing the NEW MEMBER button.


You can enter a new Member ID and role as follows:


Here are some things you can do for each role:

역할수행 권한
Project Admin

When a project is created, the creator is granted permissions.

Has Read/Write permissions for the project.

Has Add/Delete permissions for project members.

Developer

Has Read/Write permissions for the project.

Guest

Has Read permission for the project.

Online consultation

Contact us

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.