# Zot Registry using bjw-s/app-template # ARM64 container registry with S3 (MinIO) storage backend controllers: zot: type: deployment replicas: 2 strategy: RollingUpdate containers: zot: image: repository: ghcr.io/project-zot/zot-linux-arm64 tag: v2.1.13 pullPolicy: IfNotPresent envFrom: - secretRef: name: minio-s3-credentials probes: liveness: enabled: true custom: true spec: tcpSocket: port: 5000 initialDelaySeconds: 5 periodSeconds: 10 readiness: enabled: true custom: true spec: tcpSocket: port: 5000 initialDelaySeconds: 5 periodSeconds: 10 resources: requests: cpu: 15m memory: 128Mi limits: memory: 128Mi pod: affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - weight: 100 podAffinityTerm: labelSelector: matchLabels: app.kubernetes.io/name: zot topologyKey: kubernetes.io/hostname service: zot: controller: zot ports: http: port: 5000 ingress: zot: className: traefik annotations: cert-manager.io/cluster-issuer: letsencrypt-prod hosts: - host: zot0213.kro.kr paths: - path: / pathType: Prefix service: identifier: zot port: http tls: - secretName: zot-tls hosts: - zot0213.kro.kr persistence: config: type: configMap name: zot-config globalMounts: - path: /etc/zot/config.json subPath: config.json readOnly: true htpasswd: type: secret name: zot-htpasswd globalMounts: - path: /etc/zot/htpasswd subPath: htpasswd readOnly: true configMaps: config: data: config.json: | { "storage": { "rootDirectory": "/tmp/zot", "dedupe": false, "gc": true, "gcDelay": "1h", "gcInterval": "24h", "storageDriver": { "name": "s3", "regionendpoint": "http://minio.minio.svc.cluster.local:9000", "region": "us-east-1", "bucket": "zot", "secure": false, "skipverify": true } }, "http": { "address": "0.0.0.0", "port": "5000", "auth": { "htpasswd": { "path": "/etc/zot/htpasswd" } } }, "log": { "level": "info" }, "extensions": { "metrics": { "enable": true, "prometheus": { "path": "/metrics" } }, "search": { "enable": true }, "ui": { "enable": true } } }