# 1. 拉取代码
$ git clone https://github.com/wzshiming/crproxy.git
$ cd crproxy/examples/default

# 2. 修改网关域名
使用vim编辑start.sh文件，将第五行的gateway变量值修改为你自己设定的域名。
原：gateway=cr.zsm.io 
修改为：gateway=XS.rapha.top #改成你自己的域名

# 3. 启动服务
$ ./start.sh

# 4. 拉取镜像示例
如果域名为xs.rapha.top，可以通过添加前缀的方式拉取镜像
$ docker pull xs.rapha.top/registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.1

# 5. 设置别名
如果需要使用前缀替换方式拉取镜像，需要执行setup-alias.sh脚本，并为别名申请证书。

# 6. 重启服务
$ ./reload.sh

这个方式在k8s中不太实用。

推荐别名方式

第一个参数前缀替换的域名 第一个参数是源站的域名 第三个参数是在start.sh脚本里配置的网关域名

./setup-alias.sh k8s-gcr.rapha.top k8s.gcr.io xs.rapha.top

为别名申请证书
update-tls.sh k8s-gcr.rapha.top

最后这样

GETEWAY=rapha.top
DM=xs.rapha.top

./setup-alias.sh docker.${GETEWAY} docker.io ${DM}
./setup-alias.sh gcr.${GETEWAY} gcr.io ${DM}
./setup-alias.sh ghcr.${GETEWAY} ghcr.io ${DM}
./setup-alias.sh k8s-gcr.${GETEWAY} k8s.gcr.io ${DM}
./setup-alias.sh k8s.${GETEWAY} registry.k8s.io ${DM}
./setup-alias.sh quay.${GETEWAY} quay.io ${DM}

./update-tls.sh docker.${GETEWAY}
./update-tls.sh gcr.${GETEWAY}
./update-tls.sh ghcr.${GETEWAY}
./update-tls.sh k8s-gcr.${GETEWAY}
./update-tls.sh k8s.${GETEWAY}
./update-tls.sh quay.${GETEWAY}

#重启服务
./reload.sh

k8s中使用

apiVersion: v1
kind: Namespace
metadata:
  name: registry-proxy

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: registry-proxy
  namespace: registry-proxy

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: registry-proxy
rules:
- apiGroups: [""]
  resources: ["namespaces", "configmaps", "secrets"]
  verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: ["admissionregistration.k8s.io"]
  resources: ["mutatingwebhookconfigurations"]
  verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: registry-proxy
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: registry-proxy
subjects:
- kind: ServiceAccount
  name: registry-proxy
  namespace: registry-proxy

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: registry-proxy
  namespace: registry-proxy
spec:
  selector:
    matchLabels:
      app: registry-proxy
  template:
    metadata:
      labels:
        app: registry-proxy
    spec:
      serviceAccountName: registry-proxy
      containers:
      - name: registry-proxy
        image: registry.cn-hangzhou.aliyuncs.com/ketches/registry-proxy:v1.2.0
        imagePullPolicy: Always
        resources:
          requests:
            memory: "64Mi"
            cpu: "50m"
          limits:
            memory: "256Mi"
            cpu: "200m"
        ports:
        - containerPort: 443

---
apiVersion: v1
kind: Service
metadata:
  name: registry-proxy
  namespace: registry-proxy
spec:
  selector:
    app: registry-proxy
  ports:
  - port: 443
    targetPort: 443
  type: ClusterIP

会生成一个configmap

#编辑
 kubectl edit cm -n registry-proxy registry-proxy-config

添加你域名