Last active
August 29, 2015 14:25
-
-
Save tiadobatima/8c6db07e54945498d2b9 to your computer and use it in GitHub Desktop.
Docker registry 2.0 with S3 and IAM instance profiles
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# with access and secret keys set to empty in the config file | |
root@69936c8fea4c:/go/src/github.com/docker/distribution# cat /conf/config.yaml | |
version: 0.1 | |
log: | |
level: debug | |
fields: | |
service: registry | |
environment: development | |
storage: | |
cache: | |
layerinfo: inmemory | |
s3: | |
bucket: my-fake-bucket | |
region: us-west-2 | |
rootdirectory: /my/root/dir | |
accesskey: | |
secretkey: | |
maintenance: | |
uploadpurging: | |
enabled: false | |
http: | |
addr: :5000 | |
secret: asecretforlocaldevelopment | |
debug: | |
addr: localhost:5001 | |
redis: | |
addr: localhost:6379 | |
pool: | |
maxidle: 16 | |
maxactive: 64 | |
idletimeout: 300s | |
dialtimeout: 10ms | |
readtimeout: 10ms | |
writetimeout: 10ms | |
notifications: | |
endpoints: | |
- name: local-8082 | |
url: http://localhost:5003/callback | |
headers: | |
Authorization: [Bearer <an example token>] | |
timeout: 1s | |
threshold: 10 | |
backoff: 1s | |
disabled: true | |
- name: local-8083 | |
url: http://localhost:8083/callback | |
timeout: 1s | |
threshold: 10 | |
backoff: 1s | |
disabled: true | |
root@69936c8fea4c:/go/src/github.com/docker/distribution# env | |
DISTRIBUTION_DIR=/go/src/github.com/docker/distribution | |
GOLANG_VERSION=1.4.2 | |
HOSTNAME=69936c8fea4c | |
TERM=xterm | |
PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin | |
PWD=/go/src/github.com/docker/distribution | |
SHLVL=1 | |
HOME=/root | |
GOPATH=/go/src/github.com/docker/distribution/Godeps/_workspace:/go | |
_=/usr/bin/env | |
root@69936c8fea4c:/go/src/github.com/docker/distribution# registry /conf/config.yaml | |
panic: The AWS Access Key Id you provided does not exist in our records. | |
goroutine 1 [running]: | |
github.com/docker/distribution/registry/handlers.NewApp(0x7f74dc248d18, 0xc2080bf5f0, 0xc20802ba18, 0x3, 0xc20802ba50, 0x5, 0x0, 0x0, 0xc2080be360, 0xa5e630, ...) | |
/go/src/github.com/docker/distribution/registry/handlers/app.go:81 +0x5eb | |
main.main() | |
/go/src/github.com/docker/distribution/cmd/registry/main.go:62 +0x439 | |
goroutine 6 [syscall]: | |
os/signal.loop() | |
/usr/src/go/src/os/signal/signal_unix.go:21 +0x1f | |
created by os/signal.init·1 | |
/usr/src/go/src/os/signal/signal_unix.go:27 +0x35 | |
goroutine 10 [runnable]: | |
net/http.(*persistConn).readLoop(0xc2080b88f0) | |
/usr/src/go/src/net/http/transport.go:928 +0x9ce | |
created by net/http.(*Transport).dialConn | |
/usr/src/go/src/net/http/transport.go:660 +0xc9f | |
goroutine 17 [syscall, locked to thread]: | |
runtime.goexit() | |
/usr/src/go/src/runtime/asm_amd64.s:2232 +0x1 | |
goroutine 11 [select]: | |
net/http.(*persistConn).writeLoop(0xc2080b88f0) | |
/usr/src/go/src/net/http/transport.go:945 +0x41d | |
created by net/http.(*Transport).dialConn | |
/usr/src/go/src/net/http/transport.go:661 +0xcbc |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# With REGISTRY_STORAGE_S3_SECRETKEY and REGISTRY_STORAGE_S3_ACCESSKEY set to empty | |
root@7b8a8efbe736:/go/src/github.com/docker/distribution# cat /conf/config.yaml | |
version: 0.1 | |
log: | |
level: debug | |
fields: | |
service: registry | |
environment: development | |
storage: | |
cache: | |
layerinfo: inmemory | |
s3: | |
bucket: my-fake-bucket | |
region: us-west-2 | |
rootdirectory: /my/root/dir | |
maintenance: | |
uploadpurging: | |
enabled: false | |
http: | |
addr: :5000 | |
secret: asecretforlocaldevelopment | |
debug: | |
addr: localhost:5001 | |
redis: | |
addr: localhost:6379 | |
pool: | |
maxidle: 16 | |
maxactive: 64 | |
idletimeout: 300s | |
dialtimeout: 10ms | |
readtimeout: 10ms | |
writetimeout: 10ms | |
notifications: | |
endpoints: | |
- name: local-8082 | |
url: http://localhost:5003/callback | |
headers: | |
Authorization: [Bearer <an example token>] | |
timeout: 1s | |
threshold: 10 | |
backoff: 1s | |
disabled: true | |
- name: local-8083 | |
url: http://localhost:8083/callback | |
timeout: 1s | |
threshold: 10 | |
backoff: 1s | |
disabled: true | |
root@7b8a8efbe736:/go/src/github.com/docker/distribution# env | |
REGISTRY_STORAGE_S3_SECRETKEY= | |
DISTRIBUTION_DIR=/go/src/github.com/docker/distribution | |
GOLANG_VERSION=1.4.2 | |
HOSTNAME=7b8a8efbe736 | |
TERM=xterm | |
PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin | |
PWD=/go/src/github.com/docker/distribution | |
SHLVL=1 | |
HOME=/root | |
GOPATH=/go/src/github.com/docker/distribution/Godeps/_workspace:/go | |
REGISTRY_STORAGE_S3_ACCESSKEY= | |
_=/usr/bin/env | |
root@7b8a8efbe736:/go/src/github.com/docker/distribution# registry /conf/config.yaml | |
panic: The AWS Access Key Id you provided does not exist in our records. | |
goroutine 1 [running]: | |
github.com/docker/distribution/registry/handlers.NewApp(0x7ff139f8ac48, 0xc2080b76b0, 0xc20802b9f8, 0x3, 0xc20802ba30, 0x5, 0x0, 0x0, 0xc2080b6360, 0xa5e630, ...) | |
/go/src/github.com/docker/distribution/registry/handlers/app.go:81 +0x5eb | |
main.main() | |
/go/src/github.com/docker/distribution/cmd/registry/main.go:62 +0x439 | |
goroutine 6 [syscall]: | |
os/signal.loop() | |
/usr/src/go/src/os/signal/signal_unix.go:21 +0x1f | |
created by os/signal.init·1 | |
/usr/src/go/src/os/signal/signal_unix.go:27 +0x35 | |
goroutine 10 [runnable]: | |
net/http.(*persistConn).readLoop(0xc20806cd10) | |
/usr/src/go/src/net/http/transport.go:928 +0x9ce | |
created by net/http.(*Transport).dialConn | |
/usr/src/go/src/net/http/transport.go:660 +0xc9f | |
goroutine 17 [syscall, locked to thread]: | |
runtime.goexit() | |
/usr/src/go/src/runtime/asm_amd64.s:2232 +0x1 | |
goroutine 11 [select]: | |
net/http.(*persistConn).writeLoop(0xc20806cd10) | |
/usr/src/go/src/net/http/transport.go:945 +0x41d | |
created by net/http.(*Transport).dialConn | |
/usr/src/go/src/net/http/transport.go:661 +0xcbc | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Without REGISTRY_STORAGE_S3_SECRETKEY and REGISTRY_STORAGE_S3_ACCESSKEY env variables set | |
root@7b8a8efbe736:/go/src/github.com/docker/distribution# env | |
DISTRIBUTION_DIR=/go/src/github.com/docker/distribution | |
GOLANG_VERSION=1.4.2 | |
HOSTNAME=7b8a8efbe736 | |
TERM=xterm | |
PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin | |
PWD=/go/src/github.com/docker/distribution | |
SHLVL=1 | |
HOME=/root | |
GOPATH=/go/src/github.com/docker/distribution/Godeps/_workspace:/go | |
_=/usr/bin/env | |
version: 0.1 | |
log: | |
level: debug | |
fields: | |
service: registry | |
environment: development | |
storage: | |
cache: | |
layerinfo: inmemory | |
s3: | |
bucket: my-fake-bucket | |
region: us-west-2 | |
rootdirectory: /my/root/dir | |
maintenance: | |
uploadpurging: | |
enabled: false | |
http: | |
addr: :5000 | |
secret: asecretforlocaldevelopment | |
debug: | |
addr: localhost:5001 | |
redis: | |
addr: localhost:6379 | |
pool: | |
maxidle: 16 | |
maxactive: 64 | |
idletimeout: 300s | |
dialtimeout: 10ms | |
readtimeout: 10ms | |
writetimeout: 10ms | |
notifications: | |
endpoints: | |
- name: local-8082 | |
url: http://localhost:5003/callback | |
headers: | |
Authorization: [Bearer <an example token>] | |
timeout: 1s | |
threshold: 10 | |
backoff: 1s | |
disabled: true | |
- name: local-8083 | |
url: http://localhost:8083/callback | |
timeout: 1s | |
threshold: 10 | |
backoff: 1s | |
disabled: true | |
root@7b8a8efbe736:/go/src/github.com/docker/distribution# registry /conf/config.yaml | |
panic: Access Denied | |
goroutine 1 [running]: | |
github.com/docker/distribution/registry/handlers.NewApp(0x7f1726a7dba8, 0xc20803f5f0, 0xc20802b9f8, 0x3, 0xc20802ba30, 0x5, 0x0, 0x0, 0xc20803e2d0, 0xa5e630, ...) | |
/go/src/github.com/docker/distribution/registry/handlers/app.go:81 +0x5eb | |
main.main() | |
/go/src/github.com/docker/distribution/cmd/registry/main.go:62 +0x439 | |
goroutine 6 [syscall]: | |
os/signal.loop() | |
/usr/src/go/src/os/signal/signal_unix.go:21 +0x1f | |
created by os/signal.init·1 | |
/usr/src/go/src/os/signal/signal_unix.go:27 +0x35 | |
goroutine 16 [runnable]: | |
net/http.(*persistConn).readLoop(0xc208079340) | |
/usr/src/go/src/net/http/transport.go:928 +0x9ce | |
created by net/http.(*Transport).dialConn | |
/usr/src/go/src/net/http/transport.go:660 +0xc9f | |
goroutine 18 [select]: | |
net/http.(*persistConn).writeLoop(0xc208079340) | |
/usr/src/go/src/net/http/transport.go:945 +0x41d | |
created by net/http.(*Transport).dialConn | |
/usr/src/go/src/net/http/transport.go:661 +0xcbc | |
goroutine 17 [syscall, locked to thread]: | |
runtime.goexit() | |
/usr/src/go/src/runtime/asm_amd64.s:2232 +0x1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment