A Docker registry is an open-source server that is able to store Docker images organised in repositories, and distribute them via an HTTP REST API.
The daily mood
We had our second team call (we mostly talked about internal/confidential topics). I doubt a bit about my directions, and I feel the need to prevent it to turn into frustration or failure. I wonder if I should involve more support from my team, or apply more structure inside my posts, in oder to ensure productive Goals, Steps, and Results on a daily basis. Though my previous achievements were not too bad after all, so why change and make it worse? Let's rather enjoy what has been done so far and keep going.
Following to my previous blog on Deployment stacks, I realised that I need a local Docker repository in order to be able to accelerate my deployment activities or switch-off VPN tunnel to our internal network.
Docker registry
We need a registry hosting a repository. I added an insecure registry entry to my local Docker service, as recommended by the output of
microk8s.inspect
To do so, edit /etc/docker/daemon.json and add:
{
"insecure-registries" : ["localhost:32000"]
}Then restart Docker daemon:
sudo systemctl restart docker
Now I can list available Docker images (empty by default)
curl -X GET http://127.0.0.1:32000/v2/_catalog
As we can see, a Docker registry owns a specific HTTP API so it is more than just a file storage.
I used the following bash script to list/pull local images of interest using local docker client, and then push them to my registry
export SHARED_REPO_HOST=<our_shared_repo_host> docker login $SHARED_REPO_HOSTI also found an article which could be usefull in case I wanted to clean my registry (later on).
for image in `\ microk8s.ctr -n k8s.io images ls \ | cut -d' ' -f1 \ | grep -v 'sha256' \ | grep -v 'localhost:32000' \ | grep $SHARED_REPO_HOST \ `; do echo $image docker pull $image docker tag $image localhost:32000/$image docker push localhost:32000/$image docker rmi $image localhost:32000/$image done
As an alternatively to a local / insecure setup, you might want to look at hub.docker.com, Sonatype Nexus, JFrog Artifactory or the open-source image registry ProjectQuay.io maintained by RedHat.
Deployment result
I am now able to deploy my first stack of charts in under 1 min. It looks like I am making progress, though I had actually expected to be able to deploy more of our applications with less potential troubles. But that's life ;-)
Comments
Post a Comment