English | MP4 | AVC 1280×720 | AAC 44KHz 2ch | 4h 08m | 780 MB
At some point, you will outgrow storing custom images on Docker Hub. This course prepares you to deploy your own self-hosted registry.
What would Docker be without Docker Hub? If it were not for images, you would never have heard of Docker, and that’s because simplifying image distribution is what made Docker exponentially useful. Initially the images on Docker Hub suffice, but at some point, as you begin to build your own images, you’ll outgrow storing them on Docker Hub for a variety of reasons. In this course, Implementing a Self-hosted Docker Registry, we will dissect deploying your own registry in the following scenarios. First, you will learn to take total control of a registry, perhaps as a matter of compliance, and learn to distribute sensitive images privately. Next, you will see how to co-locate a registry for performance reasons, to save bandwidth, or to mirror Docker Hub images to a local registry cache. Then, you will explore the internal workings of a registry and gain flexibility in securing your registry. Finally, you will be able to standardize application packaging and distribution within your organization using Docker images, to reap the same benefits that Docker Hub brought to open-source public applications. By the end of this course, you’ll be well prepared to deploy your own self-hosted registry.
Table of Contents
Course Overview
1 Course Overview
Deploying Your First Registry to Distribute Images
2 The Journey to Self Hosting
3 Running the First Registry
4 Registry Organization Terms and API
5 Pushing an Image to a Registry
6 Configuring the Docker Daemon to Allow an Insecure Registry
7 Distributing Images Without Access to Docker Hub
8 Running a Registry Web UI
9 Beware of the Default Anonymous Registry Data Volume
10 Observing the Default Anonymous Volume Lifecycle
11 Storing Registry Data on a Named Volume
12 Why Self Host
Registry Mirroring with a Pull-through Cache
13 The Value of a Local Registry Mirror
14 Challenge – Setting up a docker-compose.yml for a Local Registry
15 Using an Enviroment Variable to Enable Mirroring
16 Configuring the Docker Daemon to Use a Registry Mirror
17 Pulling an Image Through the Mirror for the First Time
18 Even with Gigabit Download Speeds a Mirror Can Help
19 Timing Docker Image Pull on a Slower Connection
20 Configure Docker for Windows Registry Mirrors
Automating Builds with Notifications
21 Automating Image Builds with Notifications
22 Building a Mongo Image with Sample Data
23 Setting up the Mongo with Data Example
24 Setting up a Registry Config File
25 Configuring a Jenkins Notification Endpoint
26 Creating a Registry Container That Uses the Custom Config File
27 Configuring Json Formatted Logging
28 Cleaning up the JSON with jq
29 Adding a Standalone RequestBin to Inspect Registry Notifications
30 Testing a Push Notification to RequestBin
31 A Fully-bootstrapped Jenkins Environment
32 Starting Two Registries and Jenkins
33 Simulating an Image Vetting Process
34 Setting the Notification URL to the Jenkins Docker Registry Webhook
35 Image Push Triggers Jenkins to Build and Push Dependent Images
Cleaning up Images and Configuring Storage
36 Sadly You Cant –force-recreate in Production to Free up Space
37 Registry Storage Drivers
38 Switching to the in-memory Storage Driver
39 Restarting Wipes Data with the in-memory Storage Driver
40 Cloud Specific Storage Drivers
41 Deleting Images Example Setup
42 Exploring the Registry Filesystem Layout to Store Images
43 Enabling Deletes in the Front End
44 Digging into What Happens When You Delete an Image
45 Deleting from curl or a CI Tool Like TeamCity or Jenkins
46 Garbage Collection Dry Run
47 Safely Running Garbage Collection with Readonly
48 Running Garbage Collection
49 Tag Mutability and Garbage Collection
Securing the Registry
50 Time to Secure the Registry
51 Basic Auth Limits Client Access with an htpasswd File
52 Explaining the Basic Auth Example Files
53 Basic Auth to the Registry API from a Browser
54 Pushing Images to a Registry with Basic Auth
55 Token Auth
56 Token Auth with Docker Hub
57 Silly Auth
58 You Can Use a Proxy Too
59 TLS
60 TLS Example Files
61 Encrypted Communications to the Registry API
62 The Docker Daemon Needs to Trust the Registry Certificate
63 Pushing Images Fails with Untrusted Certificate
64 Trusting a Self-signed Certificate
65 Removing Trust in a Self-signed Certificate
Preparing a Production Cluster Registry
66 Shifting Attention to Production Servers
67 Network and Node Level Registry Access
68 Indirect Access via the Node Level Docker Image Cache
69 Linking Registry Credentials to a Service Definition
70 Scaling Registry Capacity
71 Keeping Up
72 Additional Resources
Resolve the captcha to access the links!