ഇതൊഴിവാക്കി പ്രധാന ഉള്ളടക്കത്തിലേക്ക് പോവുക

How to create a local docker images repository?





Prerequisites

1. Docker and docker-compose.

        > apt-get install docker

        > apt-get install docker-compose

    In Centos, 

    yum install docker-compose

    > yum install docker-compose

2. Nginx , 

    command: apt-get install nginx.

    In Centos,

      >yum install nginx

3. Self -Signed SSL certificate for Nginx.

4. apache2-utils to restrict image access using user name and password.

    command: apt-get install apache2-utils

    In Centos,

        > yum install httpd-tools

5. Nano editor (you can use any editor you like).

Command: apt-get install nano

In Centos,

  > yum install nano

Let's Begin,

 

First, we need to create a docker-registry to keep images and authentication data.

 

1. Let's create a docker-registry directory and data,auth directories inside root.

 

> mkdir ~/docker-registry && cd $_

> mkdir data

> mkdir auth


Now create a docker-compose.yml file and add the following content

//Creating a docker-compose.yml file

> nano docker-compose.yml

 

//docker-compose content

version: '3'

 

services:

  docker-registry:

    image: registry:2

restart: always

container_name:  docker-registry

    ports:

    - "5000:5000"

    environment:

      REGISTRY_AUTH: htpasswd

      REGISTRY_AUTH_HTPASSWD_REALM: Registry

      REGISTRY_AUTH_HTPASSWD_PATH: /auth/registry.password

      REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data

    volumes:

      - ./auth:/auth

      - ./data:/data

 

  docker-registry-ui:

    image: konradkleine/docker-registry-frontend:v2

    container_name: docker-registry-ui

    ports:

      - "8080:80"

    environment:

      ENV_DOCKER_REGISTRY_HOST: docker-registry

      ENV_DOCKER_REGISTRY_PORT: 5000

 

//Before running docker-compose up,lets create a user for docker login purpose


> cd auth

> htpasswd -Bc registry.password <username>

 

Example:


> htpasswd -Bc registry.password advik

And then enter password

 

 

//Check authentication working by running docker-compose


> docker-compose up -d

 

//and then go to http://localhost:5000/v2 

// After entering username and the corresponding password, you  will see {} again

// Now we can set up nginx

// let's create an open SSL certificate for nginx

> openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt


//Enter current system’s IP address as Common Name in the certificate

//Configuring Nginx to Use SSL

 

>  sudo nano /etc/nginx/snippets/self-signed.conf


//self-sgned.conf content

 

ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;

ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;

 

//add SSL certificate info to advik-images.com

 

> sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/advik-images.com

 

> sudo nano /etc/nginx/sites-available/advik-images.com

 

//advik-images.com - Content

      server

{

listen 443 SSL;

 listen [::]:443 SSL; 

include snippets/self-signed.conf;       

server_name advik-images.com www.advik-images.com; 

 root /var/www/advik-images.com/html;

location / {                                                                                                         

        proxy_pass    http://localhost:5000;                

proxy_set_header  Host    $http_host; 

proxy_set_header  X-Real-IP         $remote_addr; # pass on real client's IP 

proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;   

proxy_set_header  X-Forwarded-Proto $scheme;

proxy_read_timeout    900; 

}

}

server {

listen 80;

  listen [::]:80;

root /var/www/advik-images.com/html; 

index index.html index.htm index.nginx-debian.html; 

server_name advik_images.com www.advik-images.com;

return 301 https://$server_name$request_uri;

}

 

//Create advik-images.com index page


>  sudo mkdir -p /var/www/advik-images.com/html   

>  sudo chown -R $USER:$USER /var/www/advik-images.com/html

>  sudo chmod -R 755 /var/www/advik-images.com

>  nano /var/www/advik-images.com/html/index.html

 

//index.html content

<html>

    <head>

        <title>Welcome to Advik-Images.com!</title>

    </head>

    <body>

        <h1>Success!  The Advik-Images.com server block is working!</h1>

    </body>

</html>


//Create a soft link of advik-images.com to site-enabled


> sudo ln -s /etc/nginx/sites-available/advik-images.com /etc/nginx/sites-enabled/

 

// To avoid a possible hash bucket memory problem


> sudo nano /etc/nginx/nginx.conf

 

//add these lines to Nginx.conf

“ server_names_hash_bucket_size 64; “

“ client_max_body_size 2000M; “

Example :

 

http {

    ...

    server_names_hash_bucket_size 64;

client_max_body_size 2000M;

    ...

}


//Ok let's configure the firewall to allow only HTTP and HTTPS

> sudo ufw allow "Nginx HTTP"


 

//stop and start Nginx

 

> service stop Nginx

> service start nginx

 

 

// Let's add exception inside docker to allow login from the current system.

//If you want to login into docker add an exception for docker in that system by giving this system’s IP as an exception.

//for that let's create daemon.json and add a JSON document inside etc/docker directory.

 

//Here My System’s IP is 192.168.2.14.

(here I added advik-images.com also, so that later we can pull using both IP and domain name)

 

> nano /etc/docker/daemon.json

 

//daemon.json content

Example :

{

"insecure-registries":["192.168.2.14","advik-images.com"]

}

 *(here I added advik-images.com also, so that later we can pull using both ip and domain name)

//now stop and start docker service

 

> service docker stop

> service docker start


//Lets add advik.images.com to /etc/hosts also,so that it will redirect to the ip

 > nano /etc/hosts

//etc/hosts content

Example :

...
192.168.2.14    advik-images.com
...

// let's publish an image into docker-repository

//For that, I am pulling a small image alpine from docker hub first

 

> docker pull alpine

 

// let's tag it with repository address specified to create an image to push into the repository.

Syntax : docker tag <image full name> <ip>/<username>/new image full name.

Example:

 

> docker tag alpine:latest 192.168.2.14/akhi/test-image:v1

 

//login to docker repository to push the image

Example:

 

> docker login 192.168.2.14

//enter user name and password

 

//the push image

Example:

 

> docker push 192.168.2.14/akhi/test-image:v1

 

 

// Now Try to pull that image back.

//First login

 

> docker login 192.168.2.14

//enter user name and password

 

//Then pull the image by giving address and image name

Example:

 

> docker pull 192.168.2.14/akhi/test-image:v1

 

(Similarly, you can use docker login advik-images.com also )


Thank You


References:

https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-apache-in-ubuntu-16-04

https://www.digitalocean.com/community/tutorials/how-to-set-up-a-private-docker-registry-on-ubuntu-18-04

https://www.youtube.com/watch?v=8gEs_zefNYA

Host your own docker registry | Local Docker Registry | Docker Registry using Docker Compose | SelfTuts Channel

 

അഭിപ്രായങ്ങള്‍

ഈ ബ്ലോഗിൽ നിന്നുള്ള ജനപ്രിയ പോസ്റ്റുകള്‍‌

പ്രണയമുട്ട

ദുരന്തസൂചനയുടെ ഡ്യൂപ്ലിക്കേറ്റ്‌ കോപ്പി : Releasing Soon.... എന്‍റെ ആദ്യ പ്രണയം..ഒരു കൊച്ചു സുന്ദരി കുട്ടിയോട്...  മഴവില്‍ നിറമുള്ള പട്ടുകുട ചൂടി വന്ന ആ പട്ടുപാവാടക്കാരിയോട്...  റീത്ത..അതെ പ്രണയമെന്ന വാക്കുപോലും കേള്‍ക്കാത്ത പ്രായത്തില്‍ എന്‍റെ അരികില്‍ നാലാം തരത്തില്‍ ഒപ്പമിരുന്നു പഠിച്ചവള്‍ .അവളുടെയും അവളോടൊപ്പം ഞാന്‍ ചിലവഴിച്ച മറക്കാന്‍ കഴിയാത്ത, ഇനി ഒരിക്കലും തിരിച്ചു കിട്ടാത്ത ഓര്‍മകളില്‍ ഒളിച്ചുവെക്കപ്പെട്ട ഒരു കുഞ്ഞു അസൂയയുടെ കഥ.  ഒപ്പം എന്‍റെ കൂടെ എന്നോടൊപ്പം നീണ്ട അഞ്ചു വര്‍ഷം ഒന്നിച്ചു പഠിച്ച  എന്‍റെ ആത്മസുഹൃത്തായ മുള്ളന്‍പന്നി എന്ന് ഞാന്‍ സ്നേഹത്തോടെ വിളിക്കുന്ന മൈക്കിള്‍ ആന്‍റോയെ   ഞാന്‍ അസൂയയോടെ നേരിട്ട കഥ..  " ഓര്‍ക്കുന്നു കള്ളി..  ഇന്നും ഞാന്‍.. നിന്നെ..,നിന്നെ മാത്രം..... മറ്റൊരു കാവ്യത്തില്‍ പിറന്ന മറ്റൊരു പ്രണയമായ്‌.. "   അടുത്ത് തന്നെ നിങ്ങള്‍ക്കും വായിക്കാന്‍ അവസരമോരുക്കാമെന്ന വിശ്വാസത്തോടെ ഞാനും കാത്തിരിക്കുന്നു... ആമുഖം : ഒന്ന് മു

How to deploy open street map as offline ( In your server )?

  Maps have a decent role in visualizing movement, activities, culture etc. But using a map for your application is always lead to taking subscriptions or spending huge money altogether. Open street map offline future is very hand in such situations. Let's see how to deploy an open street map API in your system using docker. Pre-requisites: a piece of basic knowledge in docker  Let's deploy one. First, we have to download the portion of the map we want to deploy ( you can download the entire map if you wish but here I am using a chunk from it.) First, we need to create a folder in our system so that we can save the map (represented as a number of tiles) into that. Step 1: // Creating a volume and naming it "openstreetmap-data" docker volume create openstreetmap-data Step 2: //Next download the map from geofabrik.de, I downloaded a map of India. //for that download map data such as india-latest.osm.pbf and extract from geofabrik.de // let's install it and render th