Petter Holt Juliussen • Mail | Mastodon | GitHub | Letterboxd

for later reference.

Docker

2021-10-27

The Docker Registry

Deploy a registry server

$ docker run -d -p 5000:5000 \
    --restart=always \
    --name registry \
    -v /mnt/registry:/var/lib/registry \
    registry:2
$ docker pull alpine
$ docker image tag alpine 192.168.99.100:5000/alpine:latest
$ docker image push 192.168.99.100:5000/alpine:latest
# /
$ docker build --tag 192.168.99.100:5000/foo/bar:latest .

$ docker pull 192.168.99.100:5000/alpine:latest

The Docker Engine

Configuration

It’s highly recommended to secure your registry using a TLS certificate issued by a known CA, you can choose to use self-signed certificates, or use your registry over an unencrypted HTTP connection.

Configures Docker to entirely disregard security for your registry. This is very insecure and is not recommended. Only used for isolated testing or in a tightly controlled, air-gapped environment.

{
  // ...
  "insecure-registries":["192.168.99.100:5000"]
}

Watchtower

containrrr/watchtower

Update the running version of your containerized app simply by pushing a new image to the Docker Hub or your own image registry.

$ docker run -d \
    --name watchtower \
    -e WATCHTOWER_LABEL_ENABLE=true \ 
    -v /var/run/docker.sock:/var/run/docker.sock \
    containrrr/watchtower
docker run -d --label=com.centurylinklabs.watchtower.enable=true someimage