Hi all,
I have deployed a private Docker registry using a k8s Deployment with basic auth and a self-signed TLS certificate on a CentOS 7 VM. I can pull and push Docker images when deploying without basic authentication (in my case htpasswd). Once I deploy the private registry with basic authentication enabled, I can't log in to the registry; it says connection refused.
$ docker login ktmaster:30310 -u xxxxxx -p xxxxxxx
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Error response from daemon: Get "https://ktmaster:30310/v2/": dial tcp 192.168.0.160:30310: connect: connection refused
k8s config file:
apiVersion: apps/v1
kind: Deployment
metadata:
  name: private-repository-k8s
  labels:
    app: private-repository-k8s
spec:
  replicas: 1
  selector:
    matchLabels:
      app: private-repository-k8s
  template:
    metadata:
      labels:
        app: private-repository-k8s
    spec:
      volumes:
      - name: certs-vol
        hostPath:
          path: /opt/certs
          type: Directory
      - name: registry-vol
        hostPath:
          path: /opt/registry
          type: Directory
      - name: auth-vol
        hostPath:
          path: /opt/auth
          type: Directory
      containers:
      - name: private-repository-k8s
        image: registry:2.6.2
        imagePullPolicy: IfNotPresent
        args:
        - sleep
        - "300"
        env:
        - name: REGISTRY_AUTH
          value: "htpasswd"
        - name: REGISTRY_AUTH_HTPASSWD_REALM
          value: "Registry Realm"
        - name: REGISTRY_AUTH_HTPASSWD_PATH
          value: "/opt/auth/htpasswd"
        - name: REGISTRY_HTTP_TLS_CERTIFICATE
          value: "/certs/server.crt"
        - name: REGISTRY_HTTP_TLS_KEY
          value: "/certs/server.key"
        ports:
        - containerPort: 5000
        volumeMounts:
        - name: certs-vol
          mountPath: /certs
          readOnly: true
        - name: registry-vol
          mountPath: /var/lib/registry
          readOnly: true
        - name: auth-vol
          mountPath: /opt/auth
          readOnly: true
Service config file:
apiVersion: v1
kind: Service
metadata:
  labels:
    app: private-repository-k8s
  name: private-repository-k8s
spec:
  ports:
  - port: 5000
    nodePort: 30310
    protocol: TCP
    targetPort: 5000
  selector:
    app: private-repository-k8s
  type: NodePort
I tried every workaround without any luck. I have configured all settings with the TLS certificate, i.e. copied the ca.crt/server.crt certificates into /etc/docker/certs.d/ktmaster:30310/, /etc/ssl/certs/, /etc/pki/ca-trust/source/anchors/
Has anyone faced this issue? If anyone has the solution, please share.
Many thanks.
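
An added example, not part of the original post: a Python probe that reports which layer a request to the registry's /v2/ endpoint stops at. The "connection refused" in the login error comes from the TCP connect ("dial tcp"), which happens before the TLS certificate or the htpasswd file is consulted. The function name probe_registry, its return labels and the use_tls switch are assumptions made for this example.

```python
import http.client
import socket
import ssl


def probe_registry(host, port, cafile=None, use_tls=True, timeout=5):
    """Report the layer at which a GET /v2/ to the registry stops."""
    # Layer 1: TCP. "connection refused" is decided here, before the
    # certificate or the htpasswd file is ever consulted.
    try:
        socket.create_connection((host, port), timeout=timeout).close()
    except ConnectionRefusedError:
        return "tcp-refused"      # nothing is listening on host:port
    except OSError:
        return "tcp-unreachable"  # DNS failure, timeout, no route

    # Layer 2: TLS, verified against the CA given to the Docker daemon.
    if use_tls:
        ctx = ssl.create_default_context(cafile=cafile)
        conn = http.client.HTTPSConnection(host, port, timeout=timeout, context=ctx)
    else:  # plain HTTP, only for testing against a local stub
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", "/v2/")
        resp = conn.getresponse()
    except ssl.SSLError:
        return "tls-failed"       # untrusted CA, name mismatch, bad protocol
    except (OSError, http.client.HTTPException):
        return "http-failed"      # reset or garbage after connecting
    finally:
        conn.close()

    # Layer 3: authentication. With htpasswd enabled, an anonymous
    # request is answered with 401 and a WWW-Authenticate challenge.
    if resp.status == 401:
        return "auth-required:" + resp.getheader("WWW-Authenticate", "")
    if resp.status == 200:
        return "open"             # registry answers without credentials
    return "http-%d" % resp.status


if __name__ == "__main__":
    # Host, port and CA path are the ones quoted in the post.
    print(probe_registry("ktmaster", 30310,
                         cafile="/etc/docker/certs.d/ktmaster:30310/ca.crt"))
```

A result of tcp-refused points at the pod or the Service (for example a container that is not running the registry process), while tls-failed or auth-required point at the certificate or htpasswd settings.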