cloudfoundry-community / docker-registry-boshrelease

Licence: MIT License
Run your own private Docker Registry in standalone mode (without requiring the public index) on AWS, OpenStack or vSphere with BOSH

Private Docker Registry deployed with BOSH

Run your own private Docker Registry in standalone mode (without requiring the public index).

Simple deployment with internal DNS

The default deployment manifest will create an internal DNS hostname docker-registry.bosh for clients to use.

bosh -d docker-registry deploy manifests/docker-registry.yml

Now fetch the self-signed root CA and the admin basic-auth password, and store them in local files:

credhub get -n /bucc/docker-registry/docker_registry_certificate -j \
    | jq -r ".value.ca" > registry-ca.pem
credhub get -n /bucc/docker-registry/docker_registry_password -j \
    | jq -r ".value" > registry-password

We can test out our registry from within the registry's own instance. First, upload our secrets:

bosh -d docker-registry scp registry-ca.pem registry-password docker-registry:/tmp/

Next, SSH into the instance:

bosh -d docker-registry ssh

We can now interact with the Registry via its API and its DNS alias docker-registry.bosh:

$ curl https://docker-registry.bosh/v2/_catalog -u "admin:$(cat /tmp/registry-password)" --cacert /tmp/registry-ca.pem
{"repositories":[]}

Expose Docker Registry via Static IP

Delete the TLS certificate for the Docker Registry, so that a new one will be generated that includes both the new static IP, and the docker-registry.bosh hostname:

credhub delete -n /bucc/docker-registry/docker_registry_certificate

Select an available static IP from the Cloud Config (we'll use 10.244.0.34 below), then re-deploy the Docker Registry with the manifests/operators/static-ip.yml operator file:

bosh -d docker-registry deploy manifests/docker-registry.yml \
    -o manifests/operators/static-ip.yml \
    -v ip=10.244.0.34
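
Before pointing clients at the static IP, it is worth confirming that the regenerated certificate really covers both names. The following is an added example, not part of the original README or the release: it assumes the server certificate has been saved as a PEM file (the file name registry-cert.pem is hypothetical; one likely source is the certificate field of the same CredHub entry, which is an assumption about that credential's type) and uses openssl's -checkhost and -checkip options.

```shell
#!/bin/sh
# Added example: confirm a PEM certificate is valid for both the internal
# DNS alias and the static IP that clients will use to reach the registry.
# Usage: sh check-cert.sh registry-cert.pem docker-registry.bosh 10.244.0.34
# (script and certificate file names are hypothetical)

# san_matches KIND VALUE CERT -> exit 0 if CERT is valid for VALUE.
# KIND is "host" or "ip". openssl prints "... does match certificate" or
# "... does NOT match certificate"; the text is parsed here instead of
# relying on openssl's exit status for these options.
san_matches() {
    openssl x509 -in "$3" -noout "-check$1" "$2" 2>/dev/null \
        | grep -q 'does match certificate'
}

# check_registry_cert CERT HOSTNAME IP
# Returns 0 if both names match, 1 if either is missing, 2 if CERT is unreadable.
check_registry_cert() {
    cert=$1
    host=$2
    ip=$3
    rc=0
    if [ ! -r "$cert" ]; then
        echo "cannot read certificate file: $cert" >&2
        return 2
    fi
    if ! san_matches host "$host" "$cert"; then
        echo "MISSING: certificate is not valid for hostname $host" >&2
        rc=1
    fi
    if ! san_matches ip "$ip" "$cert"; then
        echo "MISSING: certificate is not valid for IP $ip" >&2
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "OK: certificate covers $host and $ip"
    fi
    return "$rc"
}

# Run the check only when the script is invoked with all three arguments.
if [ "$#" -eq 3 ]; then
    check_registry_cert "$@"
fi
```

A certificate that still lists only docker-registry.bosh means the old credential was reused, and TLS verification against 10.244.0.34 will fail for docker and curl.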

Now add registry-ca.pem to the system CA store (please let us know if there's a way for docker login to consume a local self-signed CA). For example, in Keychain it may look like:

[Image: keychain]

We can now docker login to our registry, tag ubuntu:latest as 10.244.0.34/ubuntu and push it to our registry:

docker login -u admin -p "$(cat registry-password)" 10.244.0.34
docker tag ubuntu 10.244.0.34/ubuntu
docker push 10.244.0.34/ubuntu

Our registry API confirms it now has the ubuntu image:

$ curl https://10.244.0.34/v2/_catalog -u "admin:$(cat registry-password)"
{"repositories":["ubuntu"]}