parask.me

Random thoughts about devops.

© 2023. All rights reserved, lefts are not.

Migrating: Docker registry on kubernetes with Azure Blob Storage

Rational

Running statefull services on k8s is something that many people do, but everyone will agree that running staless is a lot easier and fun. In the case of docker registry its not possible to be stateless, but the storage can be decoupled from k8s and served by another service like Azure Blob Storage.

Let’s start

So the first thing to do is to create an azure storage account, lets say:

mycontainerregistry

and then create the actual blob container inside let’s call it:

images

Finaly from the same page get an access key so you can have programmatic access to that storage account.

Now that we you programmatic access, you need copy your existing images from disk to Azure Blob Storage. To do so you need to use az storage blob upload-batch command.

from the root directory that containes your /var/lib/registry mount, lets say it;s registry/ execute the following command. To be sure that directory is correct, check that registry/ containes the following sub-directories docker/registry/v2/. Those are the contents that you need to upload.

➜ az storage blob upload-batch -s registry -d "images/" --account-key <storage_account_key> --account-name mycontainerregistry

The above command will start uploading blobs one by one and depending on you docker registry size and connection it may take a lot of time so its best schedule some downtime for tyour registry.

When the uploading is finished, you need to create a docker registry deployment on k8s (I will not document that as its very simple) and configure it to use the above storage account and container as backend.

You can do that either with environmental variables or with a config-map as shown below:

version: 0.1
log:
    fields:
    service: registry
    level: error
storage:
    cache:
        blobdescriptor: inmemory
    azure:
        accountname: "mycontainerregistry"
        accountkey: "<storage_account_key>"
        container: "images"
http:
    addr: :5000
    headers:
        X-Content-Type-Options: [nosniff]
health:
    storagedriver:
    enabled: true
    interval: 10s
    threshold: 3

Fin

Thats all!

Comments

comments powered by Disqus