Operations grimoire/Docker registry

From Nasqueron Agora

The private Docker registry is currently deployed on Equatower.


What it contains?

The content can be inspected at https://infra.nasqueron.org/docker/registry. This page uses a small API in Rust, deployed also on Equatower (docker-registry-api container).

Allow or restrict an IP

The IPs allowed to connect to the registry to pull and push containers are configured at nginx level.

  1. Edit rOPS: pillar/paas/docker.sls to adjust the list of IPs under allowed_ips key.
  2. Update nginx configuration with salt equatower state.sls_id /etc/nginx/vhosts/registry/registry.conf roles/paas-docker/nginx/config
  3. Reload nginx on Equatower sudo nginx -t && sudo nginx -s reload