Last active
September 14, 2016 12:29
-
-
Save barthy1/246cd6892d5db2cec9b6f866de70c089 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1. Setup Docker | |
1.1 Download Docker binaries | |
cd /usr/local/bin | |
sudo wget https://master.dockerproject.org/linux/ppc64le/dockerd https://master.dockerproject.org/linux/ppc64le/docker-proxy https://master.dockerproject.org/linux/ppc64le/docker-runc https://master.dockerproject.org/linux/ppc64le/docker https://master.dockerproject.org/linux/ppc64le/docker-containerd https://master.dockerproject.org/linux/ppc64le/docker-containerd-shim https://master.dockerproject.org/linux/ppc64le/docker-containerd-ctr | |
sudo chmod +x * | |
1.2 create file /etc/init/docker.conf with: | |
description "Docker daemon" | |
start on (local-filesystems and net-device-up IFACE!=lo) | |
stop on runlevel [!2345] | |
limit nofile 524288 1048576 | |
limit nproc 524288 1048576 | |
respawn | |
kill timeout 20 | |
pre-start script | |
# see also https://github.com/tianon/cgroupfs-mount/blob/master/cgroupfs-mount | |
if grep -v '^#' /etc/fstab | grep -q cgroup \ | |
|| [ ! -e /proc/cgroups ] \ | |
|| [ ! -d /sys/fs/cgroup ]; then | |
exit 0 | |
fi | |
if ! mountpoint -q /sys/fs/cgroup; then | |
mount -t tmpfs -o uid=0,gid=0,mode=0755 cgroup /sys/fs/cgroup | |
fi | |
( | |
cd /sys/fs/cgroup | |
for sys in $(awk '!/^#/ { if ($4 == 1) print $1 }' /proc/cgroups); do | |
mkdir -p $sys | |
if ! mountpoint -q $sys; then | |
if ! mount -n -t cgroup -o $sys cgroup $sys; then | |
rmdir $sys || true | |
fi | |
fi | |
done | |
) | |
end script | |
script | |
# modify these in /etc/default/$UPSTART_JOB (/etc/default/docker) | |
DOCKER=/usr/local/bin/$UPSTART_JOB | |
DOCKER_OPTS= | |
if [ -f /etc/default/$UPSTART_JOB ]; then | |
. /etc/default/$UPSTART_JOB | |
fi | |
exec "$DOCKER" daemon $DOCKER_OPTS | |
end script | |
# Don't emit "started" event until docker.sock is ready. | |
# See https://github.com/docker/docker/issues/6647 | |
post-start script | |
DOCKER_OPTS= | |
if [ -f /etc/default/$UPSTART_JOB ]; then | |
. /etc/default/$UPSTART_JOB | |
fi | |
if ! printf "%s" "$DOCKER_OPTS" | grep -qE -e '-H|--host'; then | |
while ! [ -e /var/run/docker.sock ]; do | |
initctl status $UPSTART_JOB | grep -qE "(stop|respawn)/" && exit 1 | |
echo "Waiting for /var/run/docker.sock" | |
sleep 0.1 | |
done | |
echo "/var/run/docker.sock is up" | |
fi | |
end script | |
1.3 | |
sudo ln -s /etc/init/docker.conf /etc/init.d/docker | |
1.4 Add local Docker registry to DOCKER_OPTS | |
sudo bash -c 'cat >> /etc/default/docker' << EOF | |
DOCKER_OPTS="--insecure-registry IP_ADDRESS:5000" | |
EOF | |
1.5 Start docker | |
sudo service docker start | |
2. Docker registry | |
2.1 Download docker registry project | |
git clone --recursive https://github.com/barthy1/distribution | |
sudo docker build -t ppc64le_registry . | |
3. Native basic auth as per https://docs.docker.com/registry/deploying/#/native-basic-auth | |
3.1 | |
mkdir auth | |
sudo docker run --entrypoint htpasswd ppc64le_registry -Bbn $USER $PATH > auth/htpasswd | |
sudo docker login -u concourse_user -p conc_pass 140.211.168.97:5000 | |
3.2 TLS configure as per https://docs.docker.com/registry/insecure/#/using-self-signed-certificates | |
use ip address as CN | |
mkdir certs | |
mkdir -p certs && openssl req \ | |
-newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key \ | |
-x509 -days 365 -out certs/domain.crt | |
4. Run container with Docker registry | |
docker run -d -p 5000:5000 --restart=always --name registry \ | |
-v `pwd`/auth:/auth \ | |
-e "REGISTRY_AUTH=htpasswd" \ | |
-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \ | |
-e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \ | |
-v `pwd`/certs:/certs \ | |
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \ | |
-e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \ | |
ppc64le_registry:latest |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment