Private Docker Registry Part 3: let’s use Azure Storage
Now that we have a basic registry up and running locally using authentication, let’s configure the storage to use a Azure Storage Acount.
NOTE: The reference material for this article can be found here
The Services Definition
The docker-compose command allow you to stack docker-compose.yml files to override some services. Those are the overrides for the basic authenticated registry created in the previous article.
version: '2'
services:
registry:
environment:
# To make sure default filesystem storage is
# deleted from default config
REGISTRY_STORAGE: azure
REGISTRY_STORAGE_AZURE_ACCOUNTNAME: 'STORAGE-ACCOUNT-NAME'
REGISTRY_STORAGE_AZURE_ACCOUNTKEY: 'STORAGE-ACCESS-KEY'
REGISTRY_STORAGE_AZURE_CONTAINER: 'CONTAINER-NAME'
Service Overrides
The registry was overridden to add
- Set environment variables
REGISTRY_STORAGE=azure : The environment variables are overriding the basic configuration as mentioned here. To make sure the default filesystem is overridden properly, we set this environment variable to azure. Otherwise, you’ll end up with filesystem
REGISTRY_STORAGE_AZURE_ACCOUNTNAME=“STORAGE_ACCOUNT_NAME”: the Azure Storage Account name
REGISTRY_STORAGE_AZURE_ACCOUNTKEY: “STORAGE_ACCESS_KEY”: The access key for the storage account you are using
How to start it
To start the registry locally, simply run this command
docker-compose -f docker-compose.yml \
-f docker-compose.auth.yml \
-f docker-compose.azure.yml \
up -d
- The registry is reachable at localhost:5000
- The registry UI is reachable http://localhost:80, you’ll be asked for a password
IMPORTANT NOTES: The registry is:
- Running locally
- Authenticated using basic auth
- Storing all images in the Azure Storage Account you specified
- Not using SSL
How to validate it works
- At first, in your local registry UI, you won’t see any images. Even pulling once authenticated won’t work because your Azure Storage Account does not contain it.
- Try pushing the same image as in Part 1
docker push localhost:5000/<optional-username>/alpine:3.4
Once it’s done, you’ll be able to see the image on your storage account from the Azure Portal or using the Azure Storage Explorer.
Now we are able to authenticate and store docker images on Azure Storage, Private Docker Registry Part 4: let’s secure the registry