-----------------------------------------------------------------------------------------------------------------------------------------------------
Step 1  Deployment of the index components and the registry from GitHub

$ sudo apt-get -y install build-essential python-dev \
libevent-dev python-pip liblzma-dev swig libssl-dev

$ sudo pip install docker-registry

$ cd /usr/local/lib/python2.7/dist-packages/config/

$ sudo cp config_sample.yml config.yml

$ sudo mkdir /var/docker-registry

sqlalchemy_index_database:
_env:SQLALCHEMY_INDEX_DATABASE:sqlite:////var/docker
registry/docker-registry.db

local: &local
storage: local
storage_path: _env:STORAGE_PATH:/var/docker-registry/registry

$ sudo gunicorn --access-logfile - --debug -k gevent -b \
0.0.0.0:5000 -w 1 docker_registry.wsgi:application

$ sudo mkdir -p /var/log/docker-registry

$ sudo vi /etc/init/docker-registry.conf

$ sudo service docker-registry start

$ sudo apt-get -y install nginx apache2-utils

$ sudo htpasswd -c /etc/nginx/docker-registry.htpasswd vinod1

-----------------------------------------------------------------------------------------------------------------------------------------------------
Step 2  Configuration of nginx with the Docker registry

$ sudo vi /etc/nginx/sites-available/docker-registry

upstream docker-registry {
server localhost:5000;
}
server {
listen 8080;
server_name my.docker.registry.com;
# ssl on;
# ssl_certificate /etc/ssl/certs/docker-registry;
# ssl_certificate_key /etc/ssl/private/docker-registry;
proxy_set_header Host $http_host; # required for
Docker client sake
proxy_set_header X-Real-IP $remote_addr; # pass on real
client IP
client_max_body_size 0; # disable any limits to avoid HTTP
413 for large image uploads
# required to avoid HTTP 411: see Issue #1486
(https://github.com/dotcloud/docker/issues/1486)
chunked_transfer_encoding on;
location / {
# let Nginx know about our auth file
auth_basic "Restricted";
auth_basic_user_file docker-registry.htpasswd;
proxy_pass http://docker-registry;
} location /_ping {
auth_basic off;
proxy_pass http://docker-registry;
} location /v1/_ping {
auth_basic off;
proxy_pass http://docker-registry;
}
}


$ sudo ln -s /etc/nginx/sites-available/docker-registry \
/etc/nginx/sites-enabled/docker-registry
$ sudo service nginx restart


$ sudo curl localhost:5000

$ curl localhost:8080

$ curl vinod1:vinod1@localhost:8080

-----------------------------------------------------------------------------------------------------------------------------------------------------
Step 3  Set up SSL on the web server for secure communication

$ sudo vi /etc/nginx/sites-available/docker-registry

server {
listen 8080;
server_name mydomain.com;
ssl on;
ssl_certificate /etc/ssl/certs/docker-registry;
ssl_certificate_key /etc/ssl/private/docker-registry;

$ sudo mkdir ~/certs
$ sudo cd ~/certs

$ sudo openssl genrsa -out devdockerCA.key 2048

$ sudo openssl req -x509 -new -nodes -key devdockerCA.key -days \
10000 -out devdockerCA.crt

$ sudo openssl genrsa -out dev-docker-registry.com.key 2048

$ sudo openssl req -new -key dev-docker-registry.com.key -out \
dev-docker-registry.com.csr

$ sudo openssl x509 -req -in dev-docker-registry.com.csr -CA \
devdockerCA.crt -CAkey devdockerCA.key -CAcreateserial -out \
dev-docker-registry.com.crt -days 10000

$ sudo cp dev-docker-registry.com.crt /etc/ssl/certs/docker-registry
$ sudo chmod 777 /etc/ssl/certs/docker-registry
$ sudo cp dev-docker-registry.com.key /etc/ssl/private/docker-registry
$ sudo chmod 777 /etc/ssl/private/docker-registry

$ sudo mkdir /usr/local/share/ca-certificates/docker-dev-cert
$ sudo cp devdockerCA.crt /usr/local/share/ca-certificates/dockerdev-cert
$ sudo update-ca-certificates

$ sudo service nginx restart

172.31.24.44 mydomain.com

$ sudo curl https://vinod1:vinod1@mydomain.com:8080
-----------------------------------------------------------------------------------------------------------------------------------------------------
Push the image to the newly created Docker registry

$ sudo docker run -t -i ubuntu /bin/bash
root@9593c56f9e70:/# echo "TEST" >/mydockerimage
root@9593c56f9e70:/# exit
$ sudo docker commit $(sudo docker ps -lq) vinod-image

$ sudo docker --insecure-registry= mydomain.com:8080 \
login https:// mydomain.com:8080
Username: vinod1
Password:
Email: vinod.puchi@gmail.com

$ sudo docker tag vinod-image mydomain.com:8080/vinod-image

$ sudo docker push \
mydomain.com:8080/vinod-image

$ sudo docker pull mydomain.com:8080/vinod-image

-----------------------------------------------------------------------------------------------------------------------------------------------------













