Docker Registry

At docker.sapsailing.com there is a Docker registry running which mainly holds two repositories:

  • sapsailing
  • sapjvm8

The sapsailing repository holds the images built, in particular, by the latest master branch build. See the corresponding Hudson Job Configuration.

The files responsible for building the docker images can be found in the Git repository under /docker/Dockerfile.tpl which is a template patched with a specific release of the SAP Sailing Analytics using the /docker/makeImageForLatestRelease script.

The Docker registry is run based on the registry and docker-registry-ui Docker images tied together by a docker-compose file found at sapsailing.com:/var/log/old/cache/docker/registry/docker-compose.yml. The compose file launches a registry and a web UI for the registry. This works hand in hand with a corresponding Apache httpd configuration found at sapsailing.com:/etc/httpd/conf.d/006-docker-registry.conf which maps docker.sapsailing.com:80 to port 5000 on which the docker-registry-ui container is listening.

The actual Docker registry listens on port 5001 on sapsailing.com. This is additionally exposed by the Apache reverse proxy server through docker-registry.sapsailing.com forwarding all /v2 traffic to the registry container listening on port 5001.

Both, the external UI and registry access through the Apache httpd reverse proxy require basic authentication based on the /etc/httpd/conf/passwd.git password file. To add a user to it, use the htpasswd command on sapsailing.com as user root, e.g., as follows: 

  htpasswd /etc/httpd/conf/passwd.git the_new_user
followed by entering the new user's password twice.

The actual registry configuration is found in sapsailing.com:/var/log/old/cache/docker/registry/registry-config.yml. It is mapped in the docker-compose.yml file using a corresponding volume specification.

For reference, here goes the docker-compose.yml file: 

version: '3.7'
services:
  registry:
    image: registry:latest
    ports:
      - 5001:5001
    volumes:
      - /var/log/old/cache/docker/registry:/var/lib/registry
      - /var/log/old/cache/docker/registry/registry-config.yml:/etc/docker/registry/config.yml
    networks:
      - registry-ui-net
    restart: unless-stopped
  ui:
    image: joxit/docker-registry-ui:latest
    ports:
      - 5000:80
    environment:
      - REGISTRY_TITLE=SAP Sailing Analytics Docker Registry
      - NGINX_PROXY_PASS_URL=http://registry:5001
      # - REGISTRY_URL=http://registry:5001
      - SINGLE_REGISTRY=true
      - DELETE_IMAGES=true
    depends_on:
      - registry
    networks:
      - registry-ui-net
    restart: unless-stopped
networks:
  registry-ui-net:

The registry-config.yml file currently looks like this: 

version: 0.1
log:
  fields:
    service: registry
storage:
  delete:
    enabled: true
  cache:
    blobdescriptor: inmemory
  filesystem:
    rootdirectory: /var/lib/registry
http:
  addr: :5001
  headers:
    Access-Control-Allow-Origin: ['*']
    Access-Control-Allow-Methods: ['HEAD', 'GET', 'OPTIONS', 'DELETE']
    Access-Control-Expose-Headers: ['Docker-Content-Digest']