
Private Docker Registry Build Log

Chris Cuming edited this page Oct 12, 2015 · 3 revisions

Droplet Details

  • DNS: dochub.ironmann.io
  • Address: 162.243.141.92
  • OS: CentOS 7
  • User: root

Post-Install Configuration

SSHD

  • Set PasswordAuthentication to no.
  • Set MaxAuthTries to 10.

Bash History

Configured the shell to clear its history on login and logout by appending cat /dev/null > ~/.bash_history to:

  • /root/.bashrc
  • /root/.bash_logout

Install Docker

$ yum update # Update packages.
$ yum install -y htop # Better top, YMMV.
$ rpm --import http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7 # Import EPEL GPG key.
$ yum install -y epel-release # Enable EPEL.
$ curl -sSL https://get.docker.com/ | sh # Install Docker.
$ systemctl start docker # Start Docker.
$ systemctl enable docker # Start Docker on boot.
$ docker run hello-world # Test Docker install.

Configure Registry

NOTE: Configure to use AWS S3.

Config File Example:

# /root/config.yml
version: 0.1
log:
  fields:
    service: registry
storage:
  s3:
    accesskey: # AWS Key ID
    secretkey: # AWS Secret Key
    region: us-west-1
    bucket: ironmann-docker
http:
  addr: :5000
  headers:
    X-Content-Type-Options: [nosniff]
health:
  storagedriver:
    enabled: true
    interval: 10s
    threshold: 3

Authentication

  • User: jarvis
  • Pass: HotShinyFr3shIm4ges!

$ mkdir auth
$ docker run --entrypoint htpasswd registry:2 -Bbn jarvis HotShinyFr3shIm4ges! > auth/htpasswd

Start and Create Registry Container

# Auth and TLS information are included in the container as mounted volumes.
$ docker run -d -p 5000:5000 --restart=always --name registry \
  -v `pwd`/auth:/auth \
  -e "REGISTRY_AUTH=htpasswd" \
  -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
  -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
  -v /root/config.yml:/etc/docker/registry/config.yml \
  -v /root/certs:/certs \
  -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/dochub.ironmann.io.crt \
  -e REGISTRY_HTTP_TLS_KEY=/certs/dochub.ironmann.io.key \
  registry:2

Adding Registry Users

# Stop the registry container:
$ docker stop registry
# Remove the registry container:
$ docker rm registry
# Add the new user:
$ docker run --entrypoint htpasswd registry:2 -Bbn newuser newpass >> auth/htpasswd
# Rebuild the registry container:
$ docker run -d -p 5000:5000 --restart=always --name registry \
  -v `pwd`/auth:/auth \
  -e "REGISTRY_AUTH=htpasswd" \
  -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
  -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
  -v /root/config.yml:/etc/docker/registry/config.yml \
  -v /root/certs:/certs \
  -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/dochub.ironmann.io.crt \
  -e REGISTRY_HTTP_TLS_KEY=/certs/dochub.ironmann.io.key \
  registry:2

Removing Registry Users

Just remove a given user's entry from the /root/auth/htpasswd file.
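
One way to script the removal described above, as an added example that is not part of the original build log. The names remove_registry_user and make_sample are hypothetical, and the sample entries are constructed. It matches the whole user-name field, so removing jarvis leaves a user such as jarvis2 in place.

```shell
#!/bin/sh
# remove_registry_user FILE USER
# Deletes USER's line from an htpasswd file. The comparison is against the
# whole name field (text before the first ':'), not a substring, so removing
# "jarvis" cannot also remove "jarvis2".
remove_registry_user() {
    file=$1
    user=$2

    [ -f "$file" ] || { echo "no such file: $file" >&2; return 2; }
    [ -n "$user" ] || { echo "empty user name" >&2; return 2; }

    # Leave the file untouched and return 1 if the user is not present.
    awk -F: -v u="$user" '$1 == u { found = 1 } END { exit !found }' "$file" \
        || { echo "user not found: $user" >&2; return 1; }

    # Filter into a private temp file first (mktemp creates it mode 0600),
    # then overwrite in place so the file keeps its owner, mode and inode.
    tmp=$(mktemp) || return 2
    if awk -F: -v u="$user" '$1 != u' "$file" > "$tmp"; then
        cat "$tmp" > "$file"
        rm -f "$tmp"
    else
        rm -f "$tmp"
        return 2
    fi
}

# Constructed sample file; the hashes are placeholders, not real bcrypt output.
make_sample() {
    printf '%s\n' \
        'jarvis:$2y$05$CONSTRUCTEDHASHA' \
        'jarvis2:$2y$05$CONSTRUCTEDHASHB' \
        'newuser:$2y$05$CONSTRUCTEDHASHC' > "$1"
}

# Command-line use: sh remove_user.sh /root/auth/htpasswd someuser
if [ "$#" -eq 2 ]; then
    remove_registry_user "$1" "$2"
fi
```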

NOTE: See Using Docker for information on how to work with the registry container.