Monday, September 2, 2019

Create docker registry and proxy

Your team starts working with docker, and as part of your build process you need to create a two docker services.




  1. docker proxy
    The docker proxy caches images that you download from the internet. The purpose of such server is to prevent download of an image that was already cached. This is relevant for new machines pulling docker images, and for existing machine that had its local docker images removed.
  2. docker local registry
    The docker local registry stores the images created by your team. This is relevant when you don't want to store the images in a public registry, such as dockerhub.


To perform this, use the following docker compose file:

version: '3.1'
services:
    docker-registry:
        restart: always
        image: registry:2
        ports:
          - 5000:5000
        environment:
          REGISTRY_STORAGE_DELETE_ENABLED: "true"
        volumes:
          - /opt/docker-registry/registry:/var/lib/registry
        networks:
          - node-network
    docker-proxy:
        restart: always
        image: registry:2
        ports:
          - 6000:5000
        environment:
          REGISTRY_PROXY_REMOTEURL: "http://registry-1.docker.io"
        volumes:
          - /opt/docker-registry/proxy:/var/lib/registry
        networks:
          - node-network
    docker-gui:
        restart: always
        image: joxit/docker-registry-ui:static
        ports:
          - 80:80
        environment:
          REGISTRY_URL: http://docker-registry:5000
          DELETE_IMAGES: "true" 
        networks:
          - node-network
networks:
  node-network:
    driver: bridge

Login to the server that you want the servers to run. In this example, suppose the server IP is 10.1.2.3.

Create a new folder, for example under /opt/docker-registry, and create the docker compose file in it.
Then run:

cd /opt/docker-registry
docker-componse up -d

Your servers are ready:

  • local registry server running on port 10.1.2.3:5000
  • docker proxy running on port 10.1.2.3:6000
  • GUI for the local registry running on http://10.1.2.3

Notice that each machine that should use the servers, should update its docker configuration.
In /etc/docker/daemon.json, add


{
  "insecure-registries" : ["10.1.2.3:5000","10.1.2.3:6000"],
  "registry-mirrors" : ["http://10.1.2.3:6000"]
}

and the restart docker service:
sudo service docker restart


If you want to use a secured docker registry, follow the instructions in the docker documentation.


See also Delete images from a Private Docker Registry.

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)