this is a chaos

docker-registry/registry-deployment.yaml

@@ -0,0 +1,138 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+    name: docker-registry
+spec:
+    finalizers:
+    - kubernetes
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: docker-registry
+  namespace: docker-registry
+  annotations:
+    volume.beta.kubernetes.io/storage-class: "managed-nfs-storage"
+spec:
+  storageClassName: fast
+  accessModes:
+  - ReadWriteOnce
+  resources:
+    requests:
+      storage: 20Gi
+
+---
+apiVersion: apps/v1
+kind: Deployment 
+metadata:
+  name: registry
+  labels:
+    app: registry
+  namespace: docker-registry
+spec:
+  replicas: 1
+  selector:
+      matchLabels:
+          app: registry
+  template:
+      metadata:
+          labels:
+              app: registry
+      spec:
+        containers:
+        - name: registry
+          image: registry:2
+          imagePullPolicy: Always
+          env:
+          - name: REGISTRY_HTTP_SECRET
+            value: "ThisIsTotallySecret"
+          ports:
+            - containerPort: 5000
+          volumeMounts:
+            - mountPath: /var/lib/registry
+              name: registry-data
+            - mountPath: /etc/docker/registry
+              name: config
+        volumes:
+          - name: registry-data
+            persistentVolumeClaim:
+                claimName: docker-registry 
+          - name: config
+            configMap:
+              defaultMode: 420
+              name: docker-registry-config
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: docker-registry-config
+  namespace: docker-registry
+  labels:
+    app: registry
+data:
+  config.yml: |-
+    version: 0.1
+    log:
+      fields:
+        service: registry
+    storage:
+      delete:
+        enabled: true
+      cache:
+        blobdescriptor: inmemory
+      filesystem:
+        rootdirectory: /var/lib/registry
+    http:
+      addr: :5000
+      headers:
+        X-Content-Type-Options: [nosniff]
+        Access-Control-Allow-Origin: ['*']
+        Access-Control-Allow-Methods: ['HEAD', 'GET', 'OPTIONS', 'DELETE']
+        Access-Control-Allow-Headers: ['Authorization', 'Accept']
+        Access-Control-Max-Age: [1728000]
+        Access-Control-Allow-Credentials: [true]
+        Access-Control-Expose-Headers: ['Docker-Content-Digest']            
+---
+kind: Service
+apiVersion: v1
+metadata:
+  name: registry
+  namespace: docker-registry
+spec:
+  selector:
+    app: registry
+  ports:
+    - port: 5000
+      targetPort: 5000
+---
+apiVersion: v1
+data:
+  proxy-connect-timeout: "30"
+  proxy-read-timeout: "1801"
+  proxy-send-timeout: "1801"
+  proxy-body-size: "0"
+  client-max-body-size: "0"
+kind: ConfigMap
+metadata:
+  name: ingress-nginx-controller
+  namespace: ingress-nginx
+---
+apiVersion: networking.k8s.io/v1beta1 
+kind: Ingress
+metadata:
+    name: docker-registry
+    namespace: docker-registry
+    annotations:
+      nginx.ingress.kubernetes.io/proxy‑connect‑timeout: 30
+      nginx.ingress.kubernetes.io/proxy‑read‑timeout: 1800
+      nginx.ingress.kubernetes.io/proxy‑send‑timeout: 1800
+      nginx.ingress.kubernetes.io/proxy-body-size: 0 
+spec:
+    rules:
+    - host: docker-registry.lan
+      http:
+          paths:
+          - backend:
+              serviceName: registry
+              servicePort: 5000 
+            path: /