Setting Up Docker Private Registry inside Jelastic Cloud

Docker pivate registry inside JelasticDocker containers are designed for comfortable application distribution by means of fast and lightweight templates, which allows to run your projects almost everywhere. Thus, this technology represents a perfect solution for for those developers and sysadmins, who looks for speeding up the application delivery workflow and avoiding the repetitive adjustment issues. 

In order to handle your own Docker image, the appropriate registry is needed. The vast majority of dockerized solutions are stored at public registries, so that they can be used by anyone. However, sometimes it becomes necessary to hide your repository content from the rest of the world, e.g. in case it contains some proprietary code or confidential information. For this purpose, you can create your own isolated private registry.

So, let’s discover how to get it at Jelastic platform in a matter of minutes through following the next steps:
Subsequently, you’ll be able to easily deploy the added image from your custom registry and leverage the possibilities that Docker containers’ support at Jelastic ensures in the full force.

Deploy a Private Registry

The base template for private registry can be found among other open-source images at Docker Hub. Thus, you can easily get it hosted inside any of Jelastic Clouds by following the next simple steps:

1. Log in to your Jelastic account and navigate to the in-built Marketplace by clicking on the appropriate button at the top pane.

Jelastic Marketplace button

2. Switch to the Containers section and Search for the registry image at the appropriate same-named tab.

registry Docker image within Marketplace

Hover over the found template and click on the appeared Install button.

3. At the opened frame, you can determine to add this image either to a new or to the already existing Docker-based environment, by switching between the corresponding points (as an example, we’ll create a separate one, named private-registry).

Also, here you can choose the desired environment Region and select the required image Tag version (e.g. 2.3.0).

Docker registry image installation frame

Note:

  • the instruction below is written for the newest registry versions (i.e. starting with 2.x tag and higher). For deprecated registries, the configuration & interaction flow may vary in details
  • to get more details on operating with Docker containers at Jelastic, refer to our Managing Dockers guide

Click Install at the bottom of the frame to initiate the container creation (it may take a couple of minutes).

4. Now, as your registry is ready, you’ll need to configure an entrypoint for it to be accessed through. We’ll create one, leveraging the Jelastic endpoints feature, in order to expose the container’s 5000th port.

Note: You can use the Public IP option for connection as well, whilst considering this is a paid addon.

adding endpoint to environment

For the new endpoint creation, just click on the Settings button next to your environment, navigate to the Endpoints section and click on Add. In the opened frame, specify the desired parameters, stating the 5000 Private port number within the same-named field (in case you need any assistance on the given settings, please refer to the appropriate guide, linked above).

As a result, you should receive a record, similar to the shown in the image. Now, you can start filling your registry with images.

Add Image to the Registry

In order to show how a Docker template can be added to your registry, we’ll take an existing image from the central Hub registry and push it to our private repository (however, you can use your own, i.e. locally composed, one).

But before that, you need to apply some slight adjustments to your local machine configs in order to be able to properly operate with it.

1. To start with, install Docker daemon (if you haven’t done this previously) according to the linked guide from the official website.

Note: Make sure the installed daemon version is 1.6.0 or higher (as registries usage is not compatible with its preceding versions). The actual Docker daemon version can be checked by executing the following command at your terminal:

docker -v

check Docker engine version

2. Next, choose any preferable image at Docker Hub, get it using the pull command and tag the received template so that it will point to your private registry (or, in case of a local template usage, just skip the first command part).

docker pull {image} && docker tag {image} {entry_point}/{repository}
where:
  • {image} - name of the Docker template you’d like to pull and tag (e.g. jelastic/haproxy)
  • {entry_point} - private registry entry point, i.e. either endpoint (which was created at the end of the previous section) or external IP address. We’ll use the first one:

    get envieronment endpoint

  • {repository} - name of a repository at your remote private registry (e.g. haproxy) for the image to be stored in

docker pull command

3. Now, you should pay attention to one more detail - while using a remote private registry, it’s required to secure interaction with it by means of TLS. For that, you need to place the corresponding SSL certificate files (i.e. server key and domain certificate), issued by a known CA, to your registry.

Tip: self-signed certificate can be applied as well - in this case, you’ll need to manually instruct your Docker daemon to trust it.

However, for testing purposes, you can apply a relatively simpler configuration, that allows to bypass this requirement - run your registry in an insecure mode, so all the communication will be performed over the plain HTTP (which, although, is highly unrecommended in confines of production usage).

For that, add the following line to the /etc/default/docker configuration file of your daemon (or the similar one according to your OS distribution), e.g. using the vim editor with sudo permissions:

DOCKER_OPTS="--insecure-registry {entry_point}"

set insecure registry

Don’t forget to save the changes.

Note that in case of using self-signed certificates or insecure option, the same extra configurations will be required for being applied to every Docker daemon, that needs to access your registry.

4. Now, you can restart your local Docker daemon and push the prepared image to your remote repository:

sudo service docker restart
docker push {entry_point}/{repository}

docker restart and push commands

That’s all! Shortly, your image will be uploaded to the registry (the exact time depends on image size and the internet connection speed) and will become available for usage throughout the Internet.

As a result, you can easily deploy it within Jelastic Cloud just in the similar way we’ve done this at the beginning of the instruction, or, alternatively, use any other preferred platform with Docker standard integration for its hosting.

In case you face any issues while deploying your own registry or adding an image to it, feel free to appeal for our technical experts’ assistance at Stackoverflow.