Skip to content

Instantly share code, notes, and snippets.

@barthy1

barthy1/docker_resigtry.ppc64le

Last active September 14, 2016 12:29
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save barthy1/246cd6892d5db2cec9b6f866de70c089 to your computer and use it in GitHub Desktop.
Save barthy1/246cd6892d5db2cec9b6f866de70c089 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
docker_resigtry.ppc64le
1. Setup Docker
1.1 Download Docker binaries
cd /usr/local/bin
sudo wget https://master.dockerproject.org/linux/ppc64le/dockerd https://master.dockerproject.org/linux/ppc64le/docker-proxy https://master.dockerproject.org/linux/ppc64le/docker-runc https://master.dockerproject.org/linux/ppc64le/docker https://master.dockerproject.org/linux/ppc64le/docker-containerd https://master.dockerproject.org/linux/ppc64le/docker-containerd-shim https://master.dockerproject.org/linux/ppc64le/docker-containerd-ctr
sudo chmod +x *
1.2 create file /etc/init/docker.conf with:
description "Docker daemon"
start on (local-filesystems and net-device-up IFACE!=lo)
stop on runlevel [!2345]
limit nofile 524288 1048576
limit nproc 524288 1048576
respawn
kill timeout 20
pre-start script
# see also https://github.com/tianon/cgroupfs-mount/blob/master/cgroupfs-mount
if grep -v '^#' /etc/fstab | grep -q cgroup \
|| [ ! -e /proc/cgroups ] \
|| [ ! -d /sys/fs/cgroup ]; then
exit 0
fi
if ! mountpoint -q /sys/fs/cgroup; then
mount -t tmpfs -o uid=0,gid=0,mode=0755 cgroup /sys/fs/cgroup
fi
(
cd /sys/fs/cgroup
for sys in $(awk '!/^#/ { if ($4 == 1) print $1 }' /proc/cgroups); do
mkdir -p $sys
if ! mountpoint -q $sys; then
if ! mount -n -t cgroup -o $sys cgroup $sys; then
rmdir $sys || true
fi
fi
done
)
end script
script
# modify these in /etc/default/$UPSTART_JOB (/etc/default/docker)
DOCKER=/usr/local/bin/$UPSTART_JOB
DOCKER_OPTS=
if [ -f /etc/default/$UPSTART_JOB ]; then
. /etc/default/$UPSTART_JOB
fi
exec "$DOCKER" daemon $DOCKER_OPTS
end script
# Don't emit "started" event until docker.sock is ready.
# See https://github.com/docker/docker/issues/6647
post-start script
DOCKER_OPTS=
if [ -f /etc/default/$UPSTART_JOB ]; then
. /etc/default/$UPSTART_JOB
fi
if ! printf "%s" "$DOCKER_OPTS" | grep -qE -e '-H|--host'; then
while ! [ -e /var/run/docker.sock ]; do
initctl status $UPSTART_JOB | grep -qE "(stop|respawn)/" && exit 1
echo "Waiting for /var/run/docker.sock"
sleep 0.1
done
echo "/var/run/docker.sock is up"
fi
end script
1.3
sudo ln -s /etc/init/docker.conf /etc/init.d/docker
1.4 Add local Docker registry to DOCKER_OPTS
sudo bash -c 'cat >> /etc/default/docker' << EOF
DOCKER_OPTS="--insecure-registry IP_ADDRESS:5000"
EOF
1.5 Start docker
sudo service docker start
2. Docker registry
2.1 Download docker registry project
git clone --recursive https://github.com/barthy1/distribution
sudo docker build -t ppc64le_registry .
3. Native basic auth as per https://docs.docker.com/registry/deploying/#/native-basic-auth
3.1
mkdir auth
sudo docker run --entrypoint htpasswd ppc64le_registry -Bbn $USER $PATH > auth/htpasswd
sudo docker login -u concourse_user -p conc_pass 140.211.168.97:5000
3.2 TLS configure as per https://docs.docker.com/registry/insecure/#/using-self-signed-certificates
use ip address as CN
mkdir certs
mkdir -p certs && openssl req \
-newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key \
-x509 -days 365 -out certs/domain.crt
4. Run container with Docker registry
docker run -d -p 5000:5000 --restart=always --name registry \
-v `pwd`/auth:/auth \
-e "REGISTRY_AUTH=htpasswd" \
-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
-e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
-v `pwd`/certs:/certs \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
ppc64le_registry:latest
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment