Creationshop/cannaiq
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
cannaiq/docs/DOCKER_REGISTRY.md
Kelly 25f9118662
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
fix: Use registry.spdy.io for k8s deployments 
- Update kubectl set image commands to use HTTPS registry URL
- Fix namespace from cannaiq to dispensary-scraper
- Add guidance on when to use which registry URL

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-16 12:37:11 -07:00

2.4 KiB
Raw Permalink Blame History

Using the Docker Registry Cache

To avoid Docker Hub rate limits, use our registry at registry.spdy.io (HTTPS) or 10.100.9.70:5000 (HTTP internal).

For Woodpecker CI (Kaniko builds)

In your .woodpecker.yml, use these Kaniko flags:

docker-build:
  image: gcr.io/kaniko-project/executor:debug
  commands:
    - /kaniko/executor
      --context=/woodpecker/src/...
      --dockerfile=Dockerfile
      --destination=10.100.9.70:5000/your-image:tag
      --registry-mirror=10.100.9.70:5000
      --insecure-registry=10.100.9.70:5000
      --cache=true
      --cache-repo=10.100.9.70:5000/your-image/cache
      --cache-ttl=168h

Key points:

  • --registry-mirror=10.100.9.70:5000 - Pulls base images from local cache
  • --insecure-registry=10.100.9.70:5000 - Allows HTTP (not HTTPS)
  • --cache=true + --cache-repo=... - Caches build layers locally

Available Base Images

The local registry has these cached:

Image Tags
node 20-slim, 22-slim, 22-alpine, 20-alpine
alpine latest
nginx alpine
bitnami/kubectl latest
gcr.io/kaniko-project/executor debug

Need a different image? Add it to the cache using crane:

kubectl run cache-image --rm -it --restart=Never \
  --image=gcr.io/go-containerregistry/crane:latest \
  -- copy docker.io/library/IMAGE:TAG 10.100.9.70:5000/library/IMAGE:TAG --insecure

Which Registry URL to Use

Context URL Why
Kaniko builds (CI) 10.100.9.70:5000 Internal HTTP, faster
kubectl set image registry.spdy.io HTTPS, k8s nodes can pull
Checking images Either works Same backend

DO NOT USE

  • --registry-mirror=mirror.gcr.io - Rate limited by Docker Hub
  • Direct pulls from docker.io - Rate limited (100 pulls/6hr anonymous)
  • 10.100.9.70:5000 in kubectl commands - k8s nodes require HTTPS

Checking Cached Images

List all cached images:

curl -s http://10.100.9.70:5000/v2/_catalog | jq

List tags for a specific image:

curl -s http://10.100.9.70:5000/v2/library/node/tags/list | jq

Troubleshooting

"no such host" or DNS errors

The CI runner can't reach the registry mirror. Make sure you're using 10.100.9.70:5000, not mirror.gcr.io.

"manifest unknown"

The image/tag isn't cached. Add it using the crane command above.

HTTP vs HTTPS errors

Always use --insecure-registry=10.100.9.70:5000 - the local registry uses HTTP.

Reference in New Issue View Git Blame Copy Permalink