云原生大前端之使用 Helm 部署 Verdaccio，在 Kubernetes 上运行私有 NPM Registry

介绍

Verdaccio 是一个简单的，零配置所需的本地私有 npm registry。无需整个数据库就可以开始！Verdaccio 开箱即用，有其自己的小型数据库，并具有代理其他注册中心的功能（例如：npmjs.org），并在此过程中缓存下载的模块。对于那些希望扩展其存储功能的用户，Verdaccio 支持各种社区制造的插件以挂接到 Amazon’s s3, Google Cloud Storage 等服务或创建自己的插件。

Verdaccio 是轻量级的私有 NPM 代理 registry。

提示：阅读本文需要你有一定的 kubernetes 使用基础。

Helm 部署

添加官方 Chart 仓库

helm repo add verdaccio https://charts.verdaccio.org

本地搜索查看一下刚添加的仓库

helm search repo verdaccio
# ...
# verdaccio/verdaccio     0.16.2          4.7.2           A lightweight private npm proxy registry (sinop...

直接将这个版本拉取到本地

helm pull verdaccio/verdaccio --version 0.16.2

设置 PVC，持久化数据

笔者这里是用公司内部 NFS 服务器做数据存储管理的

---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: verdaccio-data
  labels:
    app: verdaccio-data
spec:
  storageClassName: ""
  capacity:
    storage: 500Gi
  accessModes:
    - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  mountOptions:
    - hard
    - nfsvers=4.1
  nfs:
    path: /home/nfs/verdaccio/data
    server: 10.1.1.28
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: verdaccio-data
spec:
  storageClassName: ""
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 500Gi
  selector:
    matchLabels:
      app: verdaccio-data

接下来是解压 verdaccio-0.16.2.tgz，复制 Chart 中的 values.yaml 进行定制。

启用并定制 Ingress

笔者使用的是 Traefik v2.2，所以如下：

ingress:
  enabled: true
  # Set to true if you are on an old cluster where apiVersion extensions/v1beta1 is required
  useExtensionsApi: true
  paths:
    - /
  hosts:
    - npm.your-company.com
  annotations:
    ingress.kubernetes.io/ssl-redirect: "true"
    ingress.kubernetes.io/proxy-body-size: "0"
    kubernetes.io/ingress.class: "traefik"
    traefik.ingress.kubernetes.io/router.tls: "true"
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
  tls:
    - secretName: your-company-cert
      hosts:
        - npm.your-company.com

persistence 配置

persistence:
  enabled: true
  ## A manually managed Persistent Volume and Claim
  ## Requires Persistence.Enabled: true
  ## If defined, PVC must be created manually before volume will be bound
  existingClaim: "verdaccio-data"

  ## Verdaccio data Persistent Volume Storage Class
  ## If defined, storageClassName: <storageClass>
  ## If set to "-", storageClassName: "", which disables dynamic provisioning
  ## If undefined (the default) or set to null, no storageClassName spec is
  ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
  ##   GKE, AWS & OpenStack)
  ##
  storageClass: "-"

  accessMode: ReadWriteOnce
  size: 500Gi

configMap 配置

#....other
# 使用淘宝的cnpmjs镜像，加速
uplinks:
  npmjs:
    url: https://registry.npm.taobao.org/
# @company/* 的包直接从私有库中获取，其它的走 upstream
packages:
    '@company/*':
      # scoped packages
      access: $all
      publish: $authenticated
      proxy: npmjs
#....other