Published by Ambrose Richard. Modified over 6 years ago.
1
Explore the Basics of setting up your first secure Private Docker Registry
Mike Raab
Senior Principal Product Manager
Oracle Container Cloud Service
March 8, 2017
3
Program Agenda
1 About Me
2 It Starts with the VM
3 Key Tools on the Road of SSL Certificates
4 Docker Run
5 Q&A
4
About Me
30 plus years in x86 compute industry
20 plus years in software | Internet
10 years in Virtualization | Cloud | SaaS | IaaS
3 years working with Docker
Current - Product Manager at Oracle for Container Cloud Service
5
Let’s Build a Secure Private Docker Image Registry
Oracle Cloud VM – OL6 UEK4 + Open SSH / HTTPS Ports + Docker Engine + Valid SSL Certs
6
Install / Verify Docker Engine on OL6
7
Docker Engine is Installed
8
Create DNS A Record In Your CPanel
9
Third Party Tools To Be Used
Acme.sh: tool to interact with Let’s Encrypt
  Supports a variety of modes, including DNS
  Supports Oracle Linux
Let’s Encrypt: free and open Certificate Authority
MX Toolbox: used to check DNS propagation
10
Install Acme.sh
11
Use Acme.sh DNS Method
$ acme.sh --issue --dns -d registry.example.com
12
Add Text Record in CPanel
13
Check that TXT record has propagated DNS
14
Request Certs
$ acme.sh --renew -d registry.example.com
15
Copy Certs to /home/opc/certs
$ acme.sh --renew -d registry.example.com *
16
Prep and Docker Run
$ cd /home/opc
$ docker pull registry:2
$ mkdir auth
$ docker run --entrypoint htpasswd registry:2 -Bbn testuser testpassword > auth/htpasswd
$ docker run -d --restart=always -p=443:5000/tcp \
    -e="REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt" \
    -e="REGISTRY_HTTP_TLS_KEY=/certs/registry.example.com.key" \
    -e="REGISTRY_AUTH=htpasswd" \
    -e="REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" \
    -e="REGISTRY_AUTH_HTPASSWD_REALM=Our Test Registry" \
    -v=/home/opc/certs:/certs \
    -v=/home/opc/auth:/auth \
    -v /home/opc/registry:/var/lib/registry \
    "registry:2"
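A preflight check for the files that the docker run above mounts into the registry container, added here as an example and not part of the original presentation. It relies on the registry's htpasswd backend accepting only bcrypt entries (the reason for -B on the slide) and assumes, as a hardening choice, that the TLS private key should be readable by its owner only; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: preflight checks before starting the registry container.

# check_htpasswd FILE: succeed only if every non-empty line is user:bcrypt-hash.
# The registry ignores non-bcrypt entries, so such users could never log in.
check_htpasswd() {
    file=$1
    [ -s "$file" ] || { echo "htpasswd: $file missing or empty" >&2; return 1; }
    bad=0
    while IFS= read -r line || [ -n "$line" ]; do
        [ -z "$line" ] && continue          # htpasswd -n ends with a blank line
        case $line in
            ?*:\$2[aby]\$[0-9][0-9]\$?*) ;; # user:$2y$NN$... is bcrypt
            *) echo "htpasswd: non-bcrypt entry for '${line%%:*}'" >&2; bad=1 ;;
        esac
    done < "$file"
    return "$bad"
}

# check_key_perms FILE: fail if group or others have any access to the key.
# Assumption: owner-only access (for example mode 600) is the intended policy.
check_key_perms() {
    mode=$(ls -ld "$1" 2>/dev/null | cut -c5-10)
    [ "$mode" = "------" ] || {
        echo "key: $1 missing or accessible to group/others" >&2
        return 1
    }
}

# preflight CERTS_DIR AUTH_DIR: run all checks against the host directories
# that are bind-mounted as /certs and /auth; file names follow the slide.
preflight() {
    certs=$1 auth=$2 rc=0
    [ -s "$certs/domain.crt" ] || { echo "cert: $certs/domain.crt missing" >&2; rc=1; }
    check_key_perms "$certs/registry.example.com.key" || rc=1
    check_htpasswd "$auth/htpasswd" || rc=1
    return "$rc"
}
```

Run it as preflight /home/opc/certs /home/opc/auth and start the container only when it returns 0.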
17
Login to Registry and Push Test Image
18
Verify in Browser
19
Validate in Oracle Container Cloud Service
20
Key Links and Content
This Presentation is based on this Blog:
More Information on Oracle Public Cloud Infrastructure:
More Information on Oracle Container Cloud Service:
21
Questions?
22
Add a UI via Docker Compose
registry:
  restart: always
  image: registry:2
  ports:
    - 443:5000
  environment:
    REGISTRY_HTTP_TLS_CERTIFICATE: /certs/domain.crt
    REGISTRY_HTTP_TLS_KEY: /certs/registry.example.com.key
    REGISTRY_AUTH: htpasswd
    REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd
    REGISTRY_AUTH_HTPASSWD_REALM: Example Registry
  volumes:
    - /home/opc/certs:/certs
    - /home/opc/auth:/auth
    - /home/opc/registry:/var/lib/registry
ui:
  image: konradkleine/docker-registry-frontend:v2
  ports:
    - 8443:443
  extra_hosts:
    - "registry.example.com: "
  environment:
    ENV_DOCKER_REGISTRY_HOST: registry.example.com
    ENV_DOCKER_REGISTRY_PORT: 443
    ENV_DOCKER_REGISTRY_USE_SSL: 1
    ENV_USE_SSL: 1
  volumes:
    - /home/opc/certs/domain.crt:/etc/apache2/server.crt:ro
    - /home/opc/certs/registry.example.com.key:/etc/apache2/server.key:ro