Skip to content

Registry rewrites

About this guide

Sometimes in corporate environments you need to use custom or internal only registries for your Docker images. This guide will show you how to configure custom rewrites for Docker registries within a k3s Kubernetes cluster. This will keep your deployment files clean and you can use the same deployment files for your local development and production environment.

Edit the k3s config file

Edit: /etc/rancher/k3s/registries.yaml

mirrors:
  "docker.io":
    endpoint:
      - "https://artifactory.<comapny>.com"
    rewrite:
      "^rancher/(.*)": "docker-io/$1"
  "gcr.io":
    endpoint:
      - "https://artifactory.<comapny>.com"
    rewrite:
      "^kubebuilder/(.*)": "gcr-io/$1"
  "quay.io":
    endpoint:
      - "https://artifactory.<comapny>.com"
    rewrite:
      "^ansible/(.*)": "quay-io/$1"

configs:
  "artifactory.<comapny>.com":
    auth:
      username: <your username>
      password: <your key>

In this example I am using artifactory as my internal registry. You can use any registry you want. Just change the endpoint and rewrite rules.

I have obfuscated the company name and registry name for security reasons.

The rewrite rules are regex based. So you can use any regex you want. But this works for me. It basically rewrites the docker.io, gcr.io and quay.io to my internal registry to pull images from artifactory..com/docker-io, artifactory..com/gcr-io and artifactory..com/quay-io repositories.

Restart k3s

systemctl restart k3s

Comments