Introduction
Setting up a Docker Container Registry for custom Docker images can be accomplished in several steps. First, you need to create an image of what you want included and download an image from Quay from Ascend. Then, you need to update the image accordingly by adding steps/actions to uninstall/install information before uploading it to your registry of choice.
Once you have uploaded the image, you need to create an authentication credential within the registry (token or similar) for pulling images. After creating the credential, you can check if you can docker pull <repo/image:tag> name.
To send the credential, you need to base64 encode the contents of the username:token and the container config before sending it to support. The encrypted message will contain sensitive customer credentials, so it is important to protect the bare credentials.
Finally, you need to choose the appropriate config text sample, fill in the necessary values, and base64 encode the entire configuration string. You can then add the creds to the registry and perform a deploy to complete the refresh. After the deploy completes, you can add the tag for the custom Docker image in the Admin > Cluster Management > Custom Docker Images section.
Instructions
Let's walk through this step-by-step.
Step 1: Create an image
First, create an image of what you want to include. This could be an application or a piece of software that you have developed.
Step 2: Download an image from Quay
Next, download an image from Quay to use as a base. You can choose any image that is appropriate for your needs.
Step 3: Update the image
Update the image that you downloaded from Quay by adding the necessary steps or actions to install or uninstall information as required.
Step 4: Upload to your registry of choice
Once you have updated the image, upload it to your preferred registry.
Step 5: Create an authentication credential
Create an authentication credential within your registry. This could be a token or similar, which will be used for pulling images.
Step 6: Check that you can pull the image
Check that you can pull the image using the following command:
docker pull <repo/image:tag> name
Step 7: Base64 encode the credential
Base64 encode the contents of the username:token. This will help to protect your credentials.
Step 8: Base64 encode the container config
Base64 encode the contents of the container config. This will help to protect your configuration information.
Step 9: Send the credentials to support
Send the encoded credentials to support for them to upload to your registry. Use keybase.io to encrypt the credential to an authorized Ascend employee. The encrypted message can be sent directly to support via email.
Step 10: Update your registry
Update your registry with the encoded credentials using the appropriate config text for your registry.
For Azure Container Registry:
{
"auths": {
"<customer subdomain name>.azurecr.io": {
"auth": "<base64 encoded value>"
}
}
}
For Github Container Registry:
{
"auths": {
"ghcr.io": {
"auth": "<base64 encoded value>"
}
}
}
For Docker Container Registry:
{
"auths": {
"docker.io ": {
"auth": "<base64 encoded value>"
}
}
}
Step 11: Base64 encode the entire config
Base64 encode the entire configuration string to use in the updateenvcreds
command.
echo "$(pbpaste)" | base64
Step 12: Add the credentials
Add the credentials using the ascend cs updateenvcreds
command.
ascend cs updateenvcreds --environment-id=<ENV_ID> customDockerRegistryCreds <base64 encoded configuration>
Step 13: Perform a deploy
Perform a Circle CI deployment to refresh the credentials. Login to CircleCI and choose the branch or customer to redeploy. Rerun a deploy_only step to trigger the deployment. The process may take approximately 6-10 minutes to complete.
Step 14: Add custom Docker images
After the deploy completes, you should be able to add the tag for the custom Docker image that you want to use. Go to the Admin > Cluster Management > Custom Docker Images and add the tag in the appropriate format. For example:
ghcr.io/OWNER/IMAGE_NAME@sha256:82jf9a84u29hiasldj289498uhois8498hjs29hkuhs
Comments
0 comments
Please sign in to leave a comment.