K8s Build npm Private Active verdaccio

This article is similar to my previous "k8s Build a pip private source devpi":
Prepare knowledge:
Need to be familiar with building docker mirrors, k8s building, deploying applications, deployment (nodeSelect, node affinity, etc.), service, ingress writing yml files, not familiar with the first to play a basic look

1. Private docker mirror warehouse (unnecessary)

2. k8s cluster (with nginx ingress installed) (necessary)

3. Build verdaccio mirror using Dockerfile (necessary)

(Node:latest mirror is used here, verdaccio/verdaccio mirror is used on the Internet. When host shared storage is mounted to store module packages, service startup error occurs, prompting that there is no permission to write because verdaccio/verdaccio mirror uses verdaccio user to run services. Although my host shared storage has 777 permissions set, it prompts that there is no permission to write, soLater, I ran the service directly with node:latest mirror root privilege, which resolved the problem)

cat Dockerfile

FROM node:latest
RUN mkdir -p /verdaccio/storage && \
    npm_config_user=root npm install -g verdaccio
WORKDIR /verdaccio
EXPOSE 4873
CMD ["verdaccio","--config","/verdaccio/conf/config.yaml"]

Start build ing the mirror, which is named verdaccio, noting that'. 'will automatically look for Dockerfile in the current directory

docker build -t verdaccio .

(Once the mirror is built, you can see a local image called verdaccio: docker images command view)
(
You can also push to your own docker mirror repository (which makes it easy for k8s to use public mirrors at each node):
docker login xxx
docker push verdaccio
)

4. Create namespace verdaccio-namespaces.yml (namespaces)

(unnecessary, available default namespace)

cat devpi-namespaces.yml

apiVersion: v1
kind: Namespace
metadata:
   name: verdaccio
   labels:
     name: verdaccio

5. Create verdaccio-deployment.yml (deployment)

Before preparing: Shared Storage
(1) The node mounts the shared storage directly (use this method here)
(2) Deploy shared storage using PV, PVC (optional)
Mount shared storage (mount partition / data/verdaccio) on the nodes where devpi will be deployed to store service configuration files and module packages, as mentioned later in the article
(necessary)
Start writing yml file

cat verdaccio-deployment.yml

apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: verdaccio
  namespace: verdaccio
  labels:
    app: verdaccio
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: verdaccio
    spec:
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: kubernetes.io/hostname
                operator: In
                values:
                - node162
      containers:
      - name: verdaccio
        image:  verdaccio
        securityContext:
          privileged: true
        ports:
        - containerPort: 4873
        volumeMounts:
        - name: hosts
          mountPath: /etc/hosts
        - name: storage
          mountPath: /verdaccio/storage
        - name: conf
          mountPath: /verdaccio/conf
      imagePullSecrets:
      - name: verdaccio
      volumes:
      - name: hosts
        hostPath:
          path: /etc/hosts
      - name: storage
        hostPath:
          path: /data/verdaccio/storage
      - name: conf
        hostPath:
          path: /data/verdaccio/conf

Related field explanations:
NodeAffinity: values: - node162 (node 162 for deploying pod, modified as appropriate)
image:verdaccio (use the mirror you built in step 3 and modify it to suit your needs)
volumeMounts:
mountPath: /verdaccio/storage (for module files)
mountPath: /verdaccio/conf (for service startup configuration file (config.yaml) and password file (htpasswd), provided below)
volumes:
path: /data/verdaccio/storage (node physical machine path for mounting to pod/verdaccio/storage)
path: /data/verdaccio/conf (node physical machine path for mounting to pod/verdaccio/conf)

(1) Service startup configuration file config.yaml (saved to node 162 node/data/verdaccio/config path)

cat config.yaml

storage: /verdaccio/storage
auth:
  htpasswd:
    file: /verdaccio/conf/htpasswd
  security:
  api:
    jwt:
      sign:
        expiresIn: 60d
        notBefore: 1
  web:
    sign:
      expiresIn: 7d
uplinks:
   # Agent official source library, when the module is not found locally, it will officially download to the local cache
  npmjs:
    url: https://registry.npmjs.org/
packages:
  '@jota/*':
      access: $all
      publish: $all
  '@*/*':
    # scoped packages
    access: $all
    publish: $all
    proxy: npmjs
  '**':
    access: $all
    # allow all known users to publish packages
    # (anyone can register by default, remember?)
    publish: $all
    # if package is not available locally, proxy requests to 'npmjs' registry
    proxy: npmjs
middlewares:
  audit:
    enabled: true
logs:
  - {type: stdout, format: pretty, level: trace}
  #- {type: file, path: verdaccio.log, level: info}
#Listening Port
listen: 0.0.0.0:4873

(2) Password file

Please use (htpasswd/data/verdaccio/conf/htpasswd test) command to generate, save to specified path, test is the user initialized for default login verdaccio, can customize user name

6. Create verdaccio-service.yml (service)

Before preparation:
Exposing the verdaccio port service
(1) nodePort (not used, not combined with ingress)
(2) ClusterIP (this is the case here)

cat verdaccio-service.yml

apiVersion: v1
kind: Service
metadata:
  name: verdaccio
  namespace: verdaccio
  labels:
    app: verdaccio
spec:
  type: ClusterIP
  ports:
    - name: http
      port: 80
      targetPort: 4873
  selector:
    app: verdaccio

7. Create verdaccio-ingress.yml (access verdaccio via domain name)

Before preparing: Add resolution to npm.test.local domain name
Add Ingres domain name for verdaccio service

cat verdaccio-ingress.yml

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: verdaccio
  namespace: verdaccio
spec:
  rules:
  - host: npm.test.local
    http:
      paths:
      - path: /
        backend:
          serviceName: verdaccio
          servicePort: 80

8. k8s deployment verdaccio

kubectl apply -f verdaccio-namespaces.yml

kubectl apply -f verdaccio-deployment.yml

kubectl apply -f verdaccio-services.yml

kubectl apply -f verdaccio-ingress.yml

9. After test deployment, you can open http://npm.test.local with your browser

You can view private libraries using the test user login

10, test

###Installation

npm set registry http://npm.test.local

npm install pm2 -g

You will find that you download from the official library for the first time, and then install from the local private library cache for the second time

###Publish

npm set registry http://npm.test.local

npm login (login with test user is required first)

npm publish

###Add User

npm login (login with test user is required first)

npm adduser (the added user is appended and saved in the password file htpasswd)

Tags: Linux npm Docker pip Nginx

Posted on Fri, 15 May 2020 14:16:15 -0400 by FlashbackJon