Has anyone tried using environment variables to override configuration options in the registry, say if you have to use s3 bucket as the storage for example. I read the doc and it says (https://docs.docker.com/registry/configuration/):
Overriding configuration options
Environment variables may be used to override configuration parameters other than
version. To override a configuration option, create an environment variable named
REGISTRY_variable_ where variable is the name of the configuration option.
e.g
REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/tmp/registry/test
will set the storage root directory to /tmp/registry/test
So I tried this command, but it does not seem to have any effect when I start the registry:
docker run -it -v /var/log/docker-registry:/var/log -p 5000:5000 \
-e REGISTRY_STORAGE_S3_ACCESSKEY=****************** \
-e REGISTRY_STORAGE_S3_SECRETKEY=****************** \
-e REGISTRY_STORAGE_S3_BUCKET=itmcc-docker-registry-backend \
-e REGISTRY_STORAGE_S3_REGION=us-east-1 \
registry:2.0
In the logs I see the regular output as if it does not take the env variables into account and try to connect to S3:
INFO[0000] endpoint local-8082 disabled, skipping environment=development instance.id=025c9fcd-2ec1-4d5f-82ec-d3246d54cdb5 service=registry version=v2.0.0
INFO[0000] endpoint local-8083 disabled, skipping environment=development instance.id=025c9fcd-2ec1-4d5f-82ec-d3246d54cdb5 service=registry version=v2.0.0
INFO[0000] using inmemory layerinfo cache environment=development instance.id=025c9fcd-2ec1-4d5f-82ec-d3246d54cdb5 service=registry version=v2.0.0
INFO[0000] listening on :5000 environment=development instance.id=025c9fcd-2ec1-4d5f-82ec-d3246d54cdb5 service=registry version=v2.0.0
INFO[0000] Starting upload purge in 42m0s environment=development instance.id=025c9fcd-2ec1-4d5f-82ec-d3246d54cdb5 service=registry version=v2.0.0
INFO[0000] debug server listening localhost:5001
PS: If I use an IAM role with my ec2, it seems redundant to pass in the access and secret key to docker registry container, can docker utilize the IAM role yet, has anyone tried that?
Edit: After I run container and the exec command to see output of env:
root@0a349294f792:/go/src/github.com/docker/distribution# env
REGISTRY_STORAGE_S3_SECRETKEY=*************************
DISTRIBUTION_DIR=/go/src/github.com/docker/distribution
GOLANG_VERSION=1.4.2
HOSTNAME=0a349294f792
REGISTRY_STORAGE_S3_BUCKET=itmcc-docker-registry-backend
PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PWD=/go/src/github.com/docker/distribution
REGISTRY_STORAGE_S3_REGION=us-east-1
SHLVL=1
HOME=/root
GOPATH=/go/src/github.com/docker/distribution/Godeps/_workspace:/go
REGISTRY_STORAGE_S3_ACCESSKEY=*************************
_=/usr/bin/env
root@0a349294f792:/go/src/github.com/docker/distribution#
The complete command that works for me from a docker run
command is:
docker run -d -p 5000:5000 \
-e "REGISTRY_STORAGE=s3" \
-e "REGISTRY_STORAGE_S3_REGION=us-east-1"\
-e "REGISTRY_STORAGE_S3_BUCKET=******"\
-e "REGISTRY_STORAGE_S3_ACCESSKEY=******"\
-e "REGISTRY_STORAGE_S3_SECRETKEY=******"\
registry:2
Note the addition of the REGISTRY_STORAGE=s3
environment variable.
They hint at this in the registry docs:
Note: If an environment variable changes a map value into a string, such as replacing the storage driver type with REGISTRY_STORAGE=filesystem, then all sub-fields will be erased. As such, specifying the storage type in the environment will remove all parameters related to the old storage configuration.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With