Setting Up Docker Private Registry inside Jelastic Cloud

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone

image08-2Docker containers are designed for comfortable application delivery by means of fast and lightweight templates, which allows to run your projects almost everywhere. This technology is distinguished with the possibility of quick migration of application (e.g. from testing to production), whilst avoiding the repetitive adjustment issues, that are typical for a simple bare code transfer. In such a way, Docker containers represent a perfect solution for those developers and sysadmins, who looks for speeding up the application delivery workflow and elimination of the connected risks’ occurrence.

The vast majority of dockerized solutions are stored at public registries, so that they can be used by anyone. However, sometimes it becomes necessary to hide your repository content from the rest of the world, e.g. in case it contains some proprietary code or confidential information. For this purpose, you can create your own isolated private registry.

Here comes the time when you can leverage the Docker containers’ support at Jelastic PaaS&CaaS. It ensures a number of benefits for running your dockerized applications – like automatic vertical & horizontal scaling, enhanced configuration possibilities and simple container update. So, let’s discover how to get your private Docker registry at Jelastic platform in a matter of minutes!

Deploy Private Registry

The base template for private registry can be found among other open-source images at Docker Hub. Thus, you can easily get it hosted inside any of Jelastic Clouds by following the next simple steps:

1. Log in to your Jelastic account and navigate to the in-built Marketplace by clicking on the appropriate button at the top pane.

2. Switch to the Containers section and Search for the registry image at the appropriate same-named tab.Private Registry Jelastic

Hover over the found template and click on the appeared Install button.

3. At the opened frame, you can determine to add this image either to a new or to the already existing Docker-based environment, by switching between the corresponding points (as an example, we’ll create a separate one, named private-registry).

Also, here you can choose the desired environment Region and select the required image Tag version (e.g. 2.3.0).image09

Note:

  • the instruction below is written for the newest registry versions (i.e. starting with 2.x tag and higher). For deprecated registries, the configuration & interaction flow may vary in details
  • to get more details on operating with Docker containers at Jelastic, refer to our Managing Dockers guide

Click Install at the bottom of the frame to initiate the container creation (it may take a couple of minutes).

4. Now, as your registry is ready, you’ll need to configure an entrypoint for it to be accessed through. We’ll create one, leveraging the Jelastic endpoints feature, in order to expose the container’s 5000th port.

Note: You can use the Public IP option for connection as well, whilst considering this is a paid addon.

image02For the new endpoint creation, just click on the Settings button next to your environment, navigate to the Endpoints section and click on Add. In the opened frame, specify the desired parameters, stating the 5000 Private port number within the same-named field (in case you need any assistance on the given settings, please refer to the appropriate guide, linked above).

As a result, you should receive a record, similar to the shown in the image. Now, you can start filling your registry with images.

Add Image to the Registry

In order to show how a Docker template can be added to your registry, we’ll take an existing image from the central Hub registry and push it to our private repository (however, you can use your own, i.e. locally composed, one).

But before that, you need to apply some slight adjustments to your local machine configs in order to be able to properly operate with it.

1. To start with, install Docker daemon (if you haven’t done this previously) according to the linked guide from the official website.

Note: Make sure the installed daemon version is 1.6.0 or higher (as registry usage is not compatible with its preceding versions). The actual Docker daemon version can be checked by executing the following command at your terminal:

docker -v

image01

2. Next, choose any preferable image at Docker Hub, get it using the pull command and tag the received template so that it will point to your private registry (or, in case of a local template usage, just skip the first command part).

docker pull {image} && docker tag {image} {entry_point}/{repository}

where:

  • {image}name of the Docker template you’d like to pull and tag (jelastic/haproxy)
  • {entry_point} – private registry entry point, i.e. either endpoint (which was created at the end of the previous section) or external IP address. We’ll use the first one:image05
  • {repository} – name of a repository at your remote private registry (e.g. haproxy) for the image to be stored inAdding Image Jelastic

3. Now, you should pay attention to one more detail – while using a remote private registry, it’s required to secure interaction with it by means of TLS. For that, you need to place the corresponding SSL certificate files (i.e. server key and domain certificate), issued by a known CA, to your registry.

Tip: A self-signed certificate can be applied as well – in this case, you’ll need to manually instruct your Docker daemon to trust it.

However, for testing purposes, you can apply a relatively simpler configuration, that allows bypassing this requirement – run your registry in an insecure mode, so all the communication will be performed over the plain HTTP (which, although, is highly unrecommended in confines of production usage).

For that, add the following line to the /etc/default/docker configuration file of your daemon (or the similar one according to your OS distribution), e.g. using the vim editor with sudo permissions:

DOCKER_OPTS="--insecure-registry {entry_point}"

image00

Don’t forget to save the changes.

Note that in case of using self-signed certificates or insecure option, the same extra configurations will be required for being applied to every Docker daemon, that needs to access your registry.

4. Now, you can restart your local Docker daemon and push the prepared image to your remote repository:

sudo service docker restart 
docker push {entry_point}/{repository}

image04That’s all! Shortly, your image will be uploaded to the registry (the exact time depends on image size and the internet connection speed) and will become available for usage throughout the Internet. So that subsequently you can easily deploy it within Jelastic Cloud just in the similar way we’ve done this at the beginning of the article, or, alternatively, use any other preferred platform with Docker standard integration for its hosting. Create your trial account now and try it for free!

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone

Leave a Reply

Subscribe to get the latest updates