Gangmax Blog

自由之思想,独立之精神

Third Docker Notes

| Comments

How to setup private registry

From here.

  • Start the registry server
1
docker run -d -p 5000:5000 --restart=always --name registry registry:2
  • Make the registry can be accessed by others

Be default if you don’t do the following step, you can only access the registry from “localhost:5000”.

There are several ways to do this in the offical document, here is the simplest. You need to do the following steps in every client machine who wants to connect to this registry server.

1
2
3
4
5
6
# 1. Edit the client side "/etc/default/docker" file, and add the following
# content. Note that"lglbq177.lss.eemmcc.com" is your registry server domain name:
DOCKER_OPTS="$DOCKER_OPTS --insecure-registry lglbq177.lss.eemmcc.com:5000"
# 2. Restart your Docker service.
sudo service docker stop
sudo service docker start
  • Use the registry

From here.

1
2
3
4
5
6
7
# 0. You need to have a local build image.
# 1. Tag a local image and put it to the registry server.
docker tag niqi/hds lglbq177.lss.eemmcc.com:5000/niqi/hds
# 2. Push the local image to the registry.
docker push lglbq177.lss.eemmcc.com:5000/niqi/hds
# 3. Pull the image back from the registry.
docker pull lglbq177.lss.eemmcc.com:5000/niqi/hds
  • Set the storage backend

By default, your registry stores its data on the local filesystem, inside the container.

You can set a directory to storge the registry data by running the following command to start the registry:

1
2
3
4
docker run -d -p 5000:5000 \
    -e REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/var/lib/registry \
    -v /home/testuser/docker/registry:/var/lib/registry \
    --restart=always --name registry registry:2
  • Use Compose to start registry server

From here.

Create a “docker-compose.yml” file with the following content in it:

1
2
3
4
5
6
7
8
9
registry:
  restart: always
  image: registry:2
  ports:
    - 5000:5000
  environment:
    REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /var/lib/registry
  volumes:
    - /home/testuser/docker/registry:/var/lib/registry

Run “docker-compose up -d” to start the registry server.

How to develop with Docker and the registry

  • First you need to know how to push and pull images to/from the registry.
1
2
3
4
5
6
7
8
9
10
11
12
13
# 1. Build the local Docker file.
docker build -t niqi/hds .
# 2. Tag the created image with registry information.
docker tag niqi/hds lglbq177.lss.eemmcc.com:5000/niqi/hds
# 3. Push the image to the registry.
docker push lglbq177.lss.eemmcc.com:5000/niqi/hds

# After that, the image is in the registry and can be used by others.
# In another Docker client, in order to use the registry, you must
# modify your "/etc/default/docker" file by adding the line(without "#"):
# DOCKER_OPTS="$DOCKER_OPTS --insecure-registry lglbq177.lss.eemmcc.com:5000"
# Then you can pull the image from the registry:
docker pull lglbq177.lss.eemmcc.com:5000/niqi/hds
  • Then you can create a Docker Compose file to leverage the registry:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
host:
  image: lglbq177.lss.eemmcc.com:5000/niqi/win
  ports:
    - "5985:5985"
    - "5986:5986"
array:
  image: lglbq177.lss.eemmcc.com:5000/niqi/ecom
  ports:
    - "5988:5988"
    - "5989:5989"
switch:
  image: lglbq177.lss.eemmcc.com:5000/niqi/cisco
  ports:
    - "6022:22"
  links:
    - host
    - array
  • After that you can start the compose file very easily:
1
2
3
4
# Note the "--allow-insecure-ssl" argument without with docker-compose
# reports "HTTPS endpoint unresponsive and insecure mode isn't enabled"
# error when pulling the images from the registry.
docker-compose up --allow-insecure-ssl

Comments