creylopez
/
k8s-cluster-projects


								borrarActual () {

									echo ">>>> Borrando registro actual..."

									kubectl delete -f registry-deployment.yaml

									kubectl delete -f registry-pv.yaml

									echo ">>>> Borrando secrets actuales..."

									kubectl delete secret auth-secret

									kubectl delete secret certs-secret

									kubectl delete secret reg-cred-secret

									kubectl delete pod/nginx-pod

								}


								step1 () {

									echo "Step 1: Creating files for authentication\n\n"

									echo ">>>> Creando directorios..."

									mkdir -p /registry && cd "$_"

									rm -rf auth/

									rm -rf certs/

									echo "Creando certificados..."

									mkdir certs

									openssl req -x509 -newkey rsa:4096 -days 365 -nodes -sha256 -keyout certs/tls.key -out certs/tls.crt -subj "/CN=docker-registry" -addext "subjectAltName = DNS:docker-registry"

									echo "Creando autorizaciones..."

									mkdir auth

									docker run --rm --entrypoint htpasswd registry:2.7.0 -Bbn creylopez Rey-1176 > auth/htpasswd

								}


								step2 () {

									echo "Step 2: Using secrets to mount the certificates\n\n"

									echo "Creando secret certs-secret..."

									kubectl create secret tls certs-secret --cert=/registry/certs/tls.crt --key=/registry/certs/tls.key

									echo "Creando secret auth-secret..."

									kubectl create secret generic auth-secret --from-file=/registry/auth/htpasswd

								}


								step3() {

									echo "Step 3: Creating Persistent Volume and Claim for repository storage\n\n"

									kubectl create -f /home/creylopez/k8s-cluster-projects/MiRegistry/registry-pv.yaml

								}


								step4() {

									echo "Step 4: Creating the Registry Pod\n\n"

									kubectl create -f /home/creylopez/k8s-cluster-projects/MiRegistry/registry-deployment.yaml

								}


								step5() {

									echo "Step 5: Allowing access to the registry\n\n"

									echo "Copio tls.cert a /etc..."

									sudo cp certs/tls.crt /etc/docker/certs.d/docker-registry\:32000/ca.crt

								}


								step6() {

									echo "Step 6: Testing our Private Docker Registry"

									docker login docker-registry:32000 -u creylopez -p Rey-1176

									echo "Creando secret reg-cred-secret..."

									kubectl create secret docker-registry reg-cred-secret --docker-server=docker-registry:32000 --docker-username=creylopez --docker-password=Rey-1176

									echo "Descargo imagen nginx..."

									docker pull nginx

									echo "... la etiqueto..."

									docker tag nginx:latest docker-registry:32000/minginx:1

									echo "... y la subo al registry... "

									docker push docker-registry:32000/minginx:1

									#kubectl exec docker-registry-pod -it -- sh

								}


								prueba() {

									echo "Creo un pod con la nueva imagen..."

									kubectl run nginx-pod --image=docker-registry:32000/minginx:v1 --overrides='{ "apiVersion": "v1", "spec": { "imagePullSecrets": [{"name": "reg-cred-secret"}] } }'

								}


								borrarActual

								#step1

								#step2

								#step3

								#step4

								#step5

								#step6

								#final