Deploying a Private Docker Registry to Cycle

Secure access to your own private registry helps control who has access to your images. Compared to usage-based services such as Docker Hub and Quay, a Cycle hosted private registry only consumes the resources you give it access to, yielding a more cost-effective deployment.

Let’s take a look at how simple it is to deploy a private Docker registry on Cycle. If you haven’t had the chance to make a Cycle account, don’t worry, I’ll include plenty of images to show the full process.

If you do want to follow along on your Cycle account, log into a hub, and I’ll get us going from a new environment, for those that wish to follow along but need to make an account, follow this guide to get up to speed in just a few minutes.

1. Create a new environment

Head over to the “Environments” tab and select “Add New Environment” from the top right.

Once you’re there, name your environment, select a cluster, and “Create Environment”.

create environment

2. Pull in the registry image and deploy it to the environment.

Click the “Deploy Container” button from your newly created environments, dashboard. This brings up the deploy container wizard.

With the deploy container wizard, we can do two things at once.

First, the wizard will import the image from Docker Hub, and then we will create a container from the image with the settings we put into the wizard.

I named my container registry. Per standards, I like to name my containers in lowercase and in line with the name of the image I’m using to create them.

We will choose:

Fill in the form data shown above Fill in the form data shown above

Scrolling down, you’ll see that we have the option to import a new image. Select this option.

Select “Import New Image” Select “Import New Image”

Select “Docker Hub” and put in registry as the image name and “2” as the tag, then “Import”.

docker hub form

After importing, Cycle will import the image. During this time, move on to the Network Settings. For this container setting Public Network to enabled will be necessary. Also, make sure that the hostname is also “registry” ( Cycle should have filled this in automatically )

When the image is finished downloading:

  1. A dropdown menu will become available.
  2. Open the dropdown and select the registry image from the list.
  3. Choose the size of your volume.
  4. Create Container

general deploy bot

3. Add Environment Variables and Set Ports

Now that the container has been imported into the environment, environment variables need to be set. One of the nice parts about working with containers on Cycle is the environment variables and other configuration settings can be set, changed, and updated after the container has been created through a graphical interface.

Nav to “Config” on the top menu of the new containers dashboard.

Navigate to the configuration. Navigate to the configuration.

After navigating to the containers config page:

  • Select the “Runtime” tab
  • Enter the environment variable (seen below)
  • “Add Variable” after entering each variable
  • Select the “Network” tab
  • Enter the ports 80:5000 and 443:5000 (pressing tab after the entry)
  • Click “Save Config” at the bottom.

Add the following environment variables. Add the following environment variables.Set the Ports Set the Ports

Navigate back to the environment dashboard and hold the “start” button on the top right of the screen to start all of the containers in the environment. This will start the discovery service, load balancer, and registry containers.

Navigate to dashboard and start the containers Navigate to dashboard and start the containers

4. Create a user and password for the registry

Open a new window and search for a htpasswd generator or use this link.

Make sure to copy down the user name and password you make somewhere safe. The only way that the encryption will work is if you use bCrypt. Select bCrypt from the list of possible encryptions before hashing the password.

Select bCrypt and make sure to note your username and password somewhere safe. Select bCrypt and make sure to note your username and password somewhere safe.

5. Use the two-way console to add your user to the htpasswd file

Updating the htpasswd file through the two-way console is a snap.

two way console

To find the two-way console start on the environment dashboard > Containers > registry > Instances > the registry instance. This is the instance console page. It has information about the instance, a stream of the console output, volume information ( if the remote connection is enabled ), IP, and ssh access credentials.

Press “Request Access” to reveal temporary credentials.

After revealing the credentials, copy and paste the ssh credentials into a terminal. This creates a secure ssh connection where the container files can be debugged and modified. Copy the user and password information created earlier. Go to /var/lib/registry:

  • vi htpasswd
  • from normal mode type “dd” to delete the docker user
  • press “i” to enter insert mode

This enters into insert mode paste your username and password credentials in the same format as the example.

  • user:hashed_password
  • press “esc” to exit insert mode
  • save and quit the editor (:wq)

After entering the new user, exit the connection and use a linked record to point your domain at the registry container.

For more information on how to set up DNS on Cycle, check this guide.

6. Tag a docker image, push it to your registry, and import it to Cycle.

Open a terminal and pull down an image to work with from docker. I use alpine for this guide.

  1. Tag the image: docker tag image:tag subdomain.domain.tld/image:tag
  2. Log into the new registry docker login subdomain.domain.tld
    Username: username
    Password: unhashed_password
  3. Push the image to the registry docker push subdomain.domain.tld/image:tag
  4. Import it to Cycle.
  5. Select the images tab and then “Import Image”

Choose “Docker Registry” and enter the registry credentials into the import form and “Import”. (Be sure to enter the image that was just pushed to the new registry)

Import the image you just pushed to your private registry Import the image you just pushed to your private registry

After the image finishes importing, congratulations, you have successfully imported your image from your private registry.

Still Have Questions?

If you want to dive in and learn more, head over to our slack channel. Our community is growing, and our team hangs out there daily. Feel free to shoot us a message any time with your questions and we’ll be sure to respond!

Of course, for a more in-depth look at how to use Cycle, check out our documentation.