Private Docker Registry Installation
It is advisable to have a local registry for your targets in order to simply deployment and maintenance.
There are many ways you can do that depending on your network topology and available resources.
The following guide will provide instructions on running your own registry.
On VPN gateway (OpenBSD)
The suggested way is to run the docker registry on its own system, however the
next best thing as far as flexibility goes is to run it on your VPN gateway and
limit access to the registry to dockerd
servers.
We assume you followed the instructions from VPN-SERVER.md
You can use the provided playbook to setup the docker registry on the VPN gateway
ansible-playbook --connection=local -i 127.0.0.1, runonce/docker-registry.yml
# or with settings.yml
ansible-playbook --connection=local -i 127.0.0.1, runonce/docker-registry.yml -e '@settings.yml'
On own server (OpenBSD)
Alternatively, you can proceed with manual installation by following the steps.
Install the needed packages
pkg_add -vi go git
Create a user to run the registry (ie registry
)
useradd -m registry
mkdir -p ~registry/storage
Install and configure the go docker registry
export GOPATH="/home/registry/go"
go get github.com/docker/distribution/cmd/registry
install -m 555 -o root -g wheel contrib/docker_registry.rc /etc/rc.d/docker_registry
install -m 444 -o root -g wheel contrib/docker-registry.yml /etc/docker-registry.yml
rcctl set docker_registry status on
rcctl start docker_registry
chown -R registry /home/registry/storage
As Docker container
There is an official docker registry image available at https://hub.docker.com/_/registry
docker run -d -p 5000:5000 --restart always --name registry registry:2