Docker Registry in xCAT
=======================

Docker Registry is a stateless, highly scalable server side application that stores and lets you distribute Docker images.

This document describes how to set up a local private docker registry on Ubuntu 15.04 on x86_64.

**Note:** Ensure that docker registry is not already set up on this docker host.

Setting Up Docker Host
----------------------

Install Docker version 1.6.0 or newer.

Setting Up Docker Registry Manually
-----------------------------------

Docker registry needed to be set up on xCAT's MN.

This section describes two methods of setting up docker registry manually.

First, create some folders where files for this tutorial will live. ::

    mkdir /docker-registry && cd $_
    mkdir certs

Copy xCAT server certificate and key to certs folder. ::

    cp /etc/xcat/cert/server-cert.pem certs/domain.crt
    cp /etc/xcat/cert/server-key.pem certs/domain.key

Method 1: Start Docker Registry Directly
````````````````````````````````````````

Create Configuration File
'''''''''''''''''''''''''

Define configuration file ``docker-registry`` under ``/docker-registry/`` folder as below. ::
  
    #!/bin/bash

    docker_command=$1
    if [ $docker_command = "start" ]; then
        docker_ps_result=$(docker ps -a | grep "registry")
        if [ -z $docker_ps_result ]; then
            docker run -d -p 5000:5000 --restart=always --name registry \
              -v `pwd`/data:/data \
              -e REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/data \
              -v `pwd`/certs:/certs \
              -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
              -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
              registry:2
        else
            docker start registry
        fi
    elif [ $docker_command = "stop" ]; then
        docker stop registry
    else
        echo "The parameter is wrong."
    fi

Starting Docker Registry as a Service
'''''''''''''''''''''''''''''''''''''

Create ``docker-registry.service`` file in ``/etc/systemd/system/``, add the following contents to it. ::

    [Unit]
    Description=Docker Registry

    [Service]
    Type=oneshot
    RemainAfterExit=yes
    WorkingDirectory=/docker-registry
    ExecStart=/bin/bash docker-registry start
    ExecStop=/bin/bash docker-registry stop

    [Install]
    WantedBy=default.target

Start registry service: ::

    service docker-registry start

Method 2: Managing Docker Registry with Compose
```````````````````````````````````````````````

Docker Compose it is a tool for defining and running Docker applications. It could help setting up registry. 

Install Docker Compose
''''''''''''''''''''''

Compose can also be run inside a container, from a small bash script wrapper. To install compose as a container run: ::

    curl -L https://github.com/docker/compose/releases/download/1.5.2/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
    chmod +x /usr/local/bin/docker-compose

Create Configuration File
'''''''''''''''''''''''''

Define configuration file ``docker-compose.yml`` under ``/docker-registry/`` folder as below. ::

    registry:
      restart: always
      image: registry:2
      ports:
        - 5000:5000
      environment:
        REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data
        REGISTRY_HTTP_TLS_CERTIFICATE: /certs/domain.crt
        REGISTRY_HTTP_TLS_KEY: /certs/domain.key
      volumes:
        - ./data:/data
        - ./certs:/certs

The environment section sets environment variables in the Docker registry container. The Docker registry app knows to check this environment variable when it starts up and to start saving its data to the ``/data`` folder as a result.

Starting Docker Registry as a Service
'''''''''''''''''''''''''''''''''''''

Create ``docker-registry.service`` file in ``/etc/systemd/system/``, add the following contents to it. ::

    [Uint]
    Description=Docker Registry

    [Service]
    Type=simple
    Restart=on-failure
    RestartSec=30s
    WorkingDirectory=/docker-registry
    ExecStart=/usr/local/bin/docker-compose up

    [Install]
    WantedBy=default.target

Start registry service: ::

    service docker-registry start

Accessing Docker Registry from other docker host
------------------------------------------------

Copy ca.crt file from xCAT MN to a client machine. Client machine must be a docker host. ::

    scp username@xCAT_MN_ip:/etc/xcat/cert/ca.pem /etc/docker/certs.d/domainname:5000/ca.crt

List Available Images in Registry
`````````````````````````````````````
::

    curl -k https://domainname:5000/v2/_catalog 

Pull Images from Registry
`````````````````````````  
Just use the "tag" image name, which includes the domain name, port, and image name. ::

    docker pull domainname:5000/imagename

Push Images to Registry
```````````````````````

Before the image can be pushed to the registry, it must be tagged with the location of the private registry. ::

    docker tag imagename domainname:5000/imagename

Now we can push that image to our registry. ::

    docker push domainname:5000/imagename

**note:** If there is a problem with the CA certificate, edit the file ``/etc/default/docker`` so that there is a line that reads: ``DOCKER_OPTS="--insecure-registry domianname:5000"`` . Then restart Docker daemon ``service docker restart`` .