(.)(.) dev thoughts ...

Build and run docker registry from sources
2017-11-20 00:11:00

This will be short post on how to build and run docker registry from sources.

I need a registry to deploy my docker images to use them with docker swarm. So the docker swarm nodes will pull images of my applications from registry.
So there will be single point where all the machines in cluster can download custom application.

First problem is that docker registry is not available on arm architecture for raspberry pi.
Fortunately it is opensource project so I can download it, build and run docker image.
Before that I need to setup golang development environment by simply installing go compiler and set up GOPATH

sudo apt-get install golang

then I will set up GOPATH by editing .profile in my home directory (or .bashrc if there is no .profile file):

vi ~/.profile
and add lines:
export GOPATH=$HOME/go
PATH=$PATH:$(go env GOPATH)/bin

after reload profile (source ~/.profile) or login again to shell I can check if everything is set properly by using:

go env
and it should output something like:
GOPATH="/home/myusername/go"

now to build registry I will just invoke:

go get github.com/docker/distribution/cmd/registry

and after a while I can use registry command so binary is build and located in $GOPATH/bin

Running registry as docker image

Now I can move forward and build docker registry image using also open source Dockerfile
distribution-library-image github repository. To do so I will clone git repo:

git clone https://github.com/docker/distribution-library-image

then replace registry in cloned repo with my registry

cp $GOPATH/bin/registry distribution-library-image/registry/

I built my image as rpi3registry

docker build -t rpi3registry distribution-library-image/
Run registry from source
docker run -d -p 5000:5000 --restart always --name registry -v ~/.docker/certs:/certs -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/cert.pem -e REGISTRY_HTTP_TLS_KEY=/certs/key.pem budry/registry-arm

go to

https://192.168.1.101:5000/v2/

And there it is running.
Important notes are :

  • I need to point registry location in all my docker machine nodes in daemon.json files. Just add those two lines.
"experimental":true,
"insecure-registries":["192.168.1.101:5000"],

so the final daemon.json will look something like this:

{
"debug":true,
"tls":true,
"tlsverify":true,
"experimental":true,
"insecure-registries":["192.168.1.101:5000"],
"tlscacert":"/home/pi/.docker/certs/ca.pem",
"tlscert":"/home/pi/.docker/certs/cert.pem",
"tlskey":"/home/pi/.docker/certs/key.pem",
"bip":"172.16.0.1/16",
"hosts":["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"]
}
  • If I consider to run registry in public network I need to consider adding trusted tls certificate like let's encrypt.

Ok so now I have docker swarm on three nodes and docker registry ready for some scaling fun.
Next will be building custom docker image putting it in registry and scaling it.
Adding / removing nodes and using docker-compose.
Also after a month or so looking on those configuration madness I think it is a good idea to make a simple python webapp to automate shit.

So stay tuned.