Operations grimoire/Docker registry: Difference between revisions
From Nasqueron Agora
(Created page with "The private Docker registry is currently deployed on Equatower. The IPs allowed to connect to are configured at nginx level. == FAQ == === Allow or restrict an IP === 1....") |
No edit summary |
||
| Line 1: | Line 1: | ||
The private Docker registry is currently deployed on [[Equatower]]. | The private Docker registry is currently deployed on [[Equatower]]. | ||
The | == FAQ == | ||
=== What it contains? === | |||
The content can be inspected at https://infra.nasqueron.org/docker/registry. This page uses a small API in Rust, deployed also on Equatower (docker-registry-api container). | |||
=== Allow or restrict an IP === | === Allow or restrict an IP === | ||
The IPs allowed to connect to the registry to pull and push containers are configured at nginx level. | |||
# Edit {{Ops file|pillar/paas/docker.sls}} to adjust the list of IPs under <code>allowed_ips</code> key. | |||
# Update nginx configuration with <code>salt equatower state.sls_id /etc/nginx/vhosts/registry/registry.conf roles/paas-docker/nginx/config</code> | |||
# Reload nginx on Equatower <code>sudo nginx -t && sudo nginx -s reload</code> | |||
Latest revision as of 10:16, 27 February 2020
The private Docker registry is currently deployed on Equatower.
FAQ
What it contains?
The content can be inspected at https://infra.nasqueron.org/docker/registry. This page uses a small API in Rust, deployed also on Equatower (docker-registry-api container).
Allow or restrict an IP
The IPs allowed to connect to the registry to pull and push containers are configured at nginx level.
- Edit rOPS: pillar/paas/docker.sls to adjust the list of IPs under
allowed_ipskey. - Update nginx configuration with
salt equatower state.sls_id /etc/nginx/vhosts/registry/registry.conf roles/paas-docker/nginx/config - Reload nginx on Equatower
sudo nginx -t && sudo nginx -s reload
