Upload
docker-inc
View
1.657
Download
2
Embed Size (px)
DESCRIPTION
Docker Advanced registry usage by Joffrey Fuhrer at the Docker Freiburg meetup #1
Citation preview
Docker: Advanced registry usage
September 17th, 2014 in Freiburg
Contents
1. What’s a registry?2. Advanced configuration
a. Search indexb. Mirroringc. Adding a redis cached. More!
3. Extending the code
What’s a registry?
• Storage component for docker images• Open-source python app
• docker/docker-registry on github• Current stable version: 0.8.1• Available as an official image
docker run -d -p 5000:5000 registry:0.8.1
What’s a registry?
• Several storage backends supported• Filesystem• Boto (S3, Google Compute, ...)• OpenStack Swift
Advanced configuration
The registry image is great for quick setup and testing, but we can make it even better with some tinkering!
• Enabling search• Mirroring another registry (even the official one!)• Adding a redis cache• And more!
Search index
Enabling a basic search index is easy!docker run -d -p 5000:5000 -e SEARCH_BACKEND=sqlalchemy registry:0.8.1
Search index
Let’s put our SQLite database in a volume.
docker run -d -p 5000:5000 -e SEARCH_BACKEND=sqlalchemy
-e SQLALCHEMY_INDEX_DATABASE=sqlite:////opt/sqlitedb/reg.db
-v /opt/sqlitedb:/opt/sqlitedb registry:0.8.1
Search index
Also, we want to keep our image store persistent across restarts!
docker run -d -p 5000:5000 -e SEARCH_BACKEND=sqlalchemy
-e SQLALCHEMY_INDEX_DATABASE=sqlite:////opt/sqlitedb/reg.db
-e STORAGE_PATH=/opt/registry
-v /opt/registry/storage:/opt/registry
-v /opt/sqlitedb:/opt/sqlitedb registry:0.8.1
Search index
This is quite a mouthful... Let’s make a Dockerfile instead.
That’s better!
$ docker build -t myregistry .$ docker run -d -p 5000:5000 -v /opt/registry/storage:/opt/registry -v /opt/registry/index:/opt/sqlitedb myregistry
Search index
Don’t like SQLite? That’s fine too!
Mirroring
Having a local copy of commonly used images can be very helpful!
Mirroring
“Standard“ method:
$ docker pull busybox:latest$ docker tag busybox:latest myregistry.com/busybox:latest$ docker push myregistry.com/busybox:latest$ docker pull busybox:buildroot-2014.02...
Mirroring
Better method: Enable mirroring on your registry!
ENV MIRROR_SOURCE https://registry-1.docker.io
ENV MIRROR_SOURCE_INDEX https://index.docker.io
Mirroring
• On the first pull, immutable data (metadata, layers, image ancestry) is stored locally on the mirror.
• The source is always contacted to retrieve mutable data (list of tags, <tag / image ID> mappings)...
• ... unless you enable the redis cache, then tag data is kept for some time.
• Set MIRROR_TAGS_CACHE_TTL accordingly!
Adding a redis cache
First let’s start up a redis container.
Then we’re going to edit config/config_sample.yml
$ docker run --name rediscache -d redis:2.8.13
cache: host: _env:REDISCACHE_PORT_6379_TCP_ADDR port: _env:REDISCACHE_PORT_6379_TCP_PORT db: 0cache_lru: host: _env:REDISCACHE_PORT_6379_TCP_ADDR port: _env:REDISCACHE_PORT_6379_TCP_PORT db: 1
• Copy the config_sample.yml file where our Dockerfile from before is.
• Add the following line to our Dockerfile:
• Create a link with our rediscache container when starting up the registry
Adding a redis cache
ADD ./config_sample.yml /docker-registry/config/config_sample.yml
docker run -d -p 5000:5000 --link rediscache:rediscache -v /opt/registry/storage:/opt/registry -v /opt/registry/index:/opt/sqlitedb myregistry
• Create a link with our rediscache container when starting up the registry
• All set!
Adding a redis cache
docker run -d -p 5000:5000 --link rediscache:rediscache -v /opt/registry/storage:/opt/registry -v /opt/registry/index:/opt/sqlitedb myregistry
• Use an nginx or Apache frontend to enforce basic auth.• You can then do: docker login my.registry.com• Only works over HTTPS!
• Enable e-mail notifications when an exception is encountered• See the email_notifications section of the
configuration
More configuration!
• You’ll need time and some Python proficiency.• But for advanced usage, it can be worth it!• If you make something cool, think about giving back to the
community! We accept pull requests.
Extending the code
• You can implement a new storage driver by inheriting docker_registry.core.driver.Base
• Leverage the signals API in docker_registry.lib.signals
• Implement a new search backend by inheriting docker_registry.lib.index.Index
• Other ideas? Talk to us, let us know if we can help!
Extending the code
• Code: github.com/docker/docker-registry• DockerHub: registry.hub.docker.com/_/registry
• Contact me:• Twitter @j0ffrey• GitHub @shin-• E-mail [email protected]
THANK YOU!
Resources