Kubernetes private docker registry - registry proxy doesn't work

Question

I'm running Kubernetes on a 3 node setup (Core OS - setup from this guide - https://coreos.com/kubernetes/docs/latest/deploy-master.html). I need to run a private docker registry in the setup, so I was following this guide: https://github.com/kubernetes/kubernetes/tree/master/cluster/addons/registry

I think that the registry pod is running, at least there is an empty response from the registry pod on port 5000 (the guide says I should be getting a "404 Unauthorized" response). I'm testing this from a busybox, it even works with the dns hostname.

But the main problem is that the kube-registry-proxy won't run properly. I was able to get the proxies up and running by adding the definition yaml in the /etc/kubernetes/manifest/ folder on each node. When I list the pods from the kube-system namespace, I see this:

kube-registry-proxy-192.168.10.4       1/1       Running   0          32m
kube-registry-proxy-192.168.10.5       1/1       Running   0          3d
kube-registry-proxy-192.168.10.6       1/1       Running   0          1d

That seems to be working fine. But when I ssh into any node of the Kube cluster, and try tu run

curl -v localhost:5000

I'm getting this error:

* Rebuilt URL to: localhost:5000/
*   Trying 127.0.0.1...
* connect to 127.0.0.1 port 5000 failed: Connection refused
* Failed to connect to localhost port 5000: Connection refused
* Closing connection 0
curl: (7) Failed to connect to localhost port 5000: Connection refused

Also, when I run

sudo lsof -i|grep LISTEN

there is no port 5000 listed. Any clues?

EDIT: What I need is to be able to push and pull images from within kubernetes (so the pods ca use images from there) and also to be able to push images from outside (using the port forwarding method for port 5000 is sufficient, but other options are welcome too)

Answer 1

It's probably not listening on your localhost. If you are only interested in testing internal cluster traffic from any node within the cluster, you can curl the pod's IP or the service cluster IP:

$ kubectl get po <your_pod> -o yaml | grep -i podip
    podIP: <spod_private_ip>
$ curl <pod_private_ip>:5000
$ kubectl get svc <your_svc> -o yaml | grep -i -w 'clusterip\|port'
     clusterIP: <cluster_ip>
     port: 5000
$ curl <cluster_ip>:5000

To expose your service to external traffic, you will need to specify either the NodePort or LoadBalancer service type as seen in this K8s example.