Failed to pull an image from local registry in k8s

Question

I have setup a local registry that uses MinIO as the storage backend.

The setup is functional (that's the reason I do not paste here the deployment etc.) and I can connect to the registry using:

sudo docker login proj.name.registry:5045

and then to push an image:

sudo docker run hello-world
sudo docker tag hello-world proj.name.registry:5045/hello-world
sudo docker push proj.name.registry:5045/hello-world

Then I am able to see the pushed images in the browser using:

https://proj.name.registry:5045/v2/_catalog

or by giving the IP:

https://XX.XXX.XXX.32:5045/v2/_catalog

Additionally, the command:

curl -k https://proj.name.registry:5045/v2/_catalog

returns {"repositories":["hello-world"]}

Then I created a Deployment that tries to pull the image from the local registry using (secrets, volumes etc. are correct):

apiVersion: apps/v1
kind: Deployment
metadata:
  name: registry-test
  namespace: ches
  labels:
    app: registry-test
spec:
  replicas: 1
  selector:
    matchLabels:
      app: registry-test
  template:
    metadata:
      labels:
        app: registry-test
    spec:
      containers:
      - name: registry-test
        image: proj.name.registry:5045/hello-world
      imagePullSecrets:
        - name: ches-registry-secret

and I get the following error:

Failed to pull image "proj.name.registry:5045/hello-world": rpc error: code = Unknown desc = failed to pull and unpack image "proj.name.registry:5045/hello-world:latest": failed to resolve reference "proj.name.registry:5045/hello-world:latest": failed to do request: Head "https://proj.name.registry:5045/v2/hello-world/manifests/latest": dial tcp XX.XXX.XXX.120:5045: connect: connection refused

I have added in the /etc/hosts:

XX.XXX.XXX.32 charity.ches.registry

I assume that the error is here: dial tcp XX.XXX.XXX.120. The correct IP should be XX.XXX.XXX.32.

I tried to create a Service:

apiVersion: v1
kind: Service
metadata:
  name: ches-registry
  namespace: ches
spec:
  selector:
    app: ches-registry   #this selector to match the labels of my Deployment
  ports:
    - protocol: TCP
      port: 5045
      targetPort: 5045
  externalIPs:
    - XX.XXX.XXX.32

but it didn't work.

Deos anyone knows what am I doing wrong?

Answer 1

I managed to find a solution to the problem.

As I have a cluster and the registry is installed in the XX.XXX.XXX.32 node, the Deployment that is responsible to pull the image must be assigned to the correct node (XX.XXX.XXX.32).

As such, I found the hostname of the node and I added a nodeSelector.

The updated Deployment is:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: registry-test
  namespace: ches
  labels:
    app: registry-test
spec:
  replicas: 1
  selector:
    matchLabels:
      app: registry-test
  template:
    metadata:
      labels:
        app: registry-test
    spec:
      nodeSelector:
        kubernetes.io/hostname: node-cha-srret1
      containers:
      - name: registry-test
        image: proj.name.registry:5045/hello-world:latest
      imagePullSecrets:
        - name: ches-registry-secret