Docker registry:2.0 overriding configuration options

Question

Has anyone tried using environment variables to override configuration options in the registry, say if you have to use s3 bucket as the storage for example. I read the doc and it says (https://docs.docker.com/registry/configuration/):

Overriding configuration options
Environment variables may be used to override configuration parameters other than 
version. To override a configuration option, create an environment variable named 
REGISTRY_variable_ where variable is the name of the configuration option.

e.g

REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/tmp/registry/test

will set the storage root directory to /tmp/registry/test

So I tried this command, but it does not seem to have any effect when I start the registry:

docker run -it -v /var/log/docker-registry:/var/log -p 5000:5000 \
-e REGISTRY_STORAGE_S3_ACCESSKEY=****************** \
-e REGISTRY_STORAGE_S3_SECRETKEY=****************** \
-e REGISTRY_STORAGE_S3_BUCKET=itmcc-docker-registry-backend \
-e REGISTRY_STORAGE_S3_REGION=us-east-1 \
registry:2.0

In the logs I see the regular output as if it does not take the env variables into account and try to connect to S3:

INFO[0000] endpoint local-8082 disabled, skipping        environment=development instance.id=025c9fcd-2ec1-4d5f-82ec-d3246d54cdb5 service=registry version=v2.0.0
INFO[0000] endpoint local-8083 disabled, skipping        environment=development instance.id=025c9fcd-2ec1-4d5f-82ec-d3246d54cdb5 service=registry version=v2.0.0
INFO[0000] using inmemory layerinfo cache                environment=development instance.id=025c9fcd-2ec1-4d5f-82ec-d3246d54cdb5 service=registry version=v2.0.0
INFO[0000] listening on :5000                            environment=development instance.id=025c9fcd-2ec1-4d5f-82ec-d3246d54cdb5 service=registry version=v2.0.0
INFO[0000] Starting upload purge in 42m0s                environment=development instance.id=025c9fcd-2ec1-4d5f-82ec-d3246d54cdb5 service=registry version=v2.0.0
INFO[0000] debug server listening localhost:5001

PS: If I use an IAM role with my ec2, it seems redundant to pass in the access and secret key to docker registry container, can docker utilize the IAM role yet, has anyone tried that?

Edit: After I run container and the exec command to see output of env:

root@0a349294f792:/go/src/github.com/docker/distribution# env
REGISTRY_STORAGE_S3_SECRETKEY=*************************
DISTRIBUTION_DIR=/go/src/github.com/docker/distribution
GOLANG_VERSION=1.4.2
HOSTNAME=0a349294f792
REGISTRY_STORAGE_S3_BUCKET=itmcc-docker-registry-backend
PATH=/go/bin:/usr/src/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PWD=/go/src/github.com/docker/distribution
REGISTRY_STORAGE_S3_REGION=us-east-1
SHLVL=1
HOME=/root
GOPATH=/go/src/github.com/docker/distribution/Godeps/_workspace:/go
REGISTRY_STORAGE_S3_ACCESSKEY=*************************
_=/usr/bin/env
root@0a349294f792:/go/src/github.com/docker/distribution#

Answer 1

The complete command that works for me from a docker run command is:

docker run -d -p 5000:5000 \
-e "REGISTRY_STORAGE=s3" \
-e "REGISTRY_STORAGE_S3_REGION=us-east-1"\
-e "REGISTRY_STORAGE_S3_BUCKET=******"\ 
-e "REGISTRY_STORAGE_S3_ACCESSKEY=******"\ 
-e "REGISTRY_STORAGE_S3_SECRETKEY=******"\ 
registry:2

Note the addition of the REGISTRY_STORAGE=s3 environment variable.

They hint at this in the registry docs:

Note: If an environment variable changes a map value into a string, such as replacing the storage driver type with REGISTRY_STORAGE=filesystem, then all sub-fields will be erased. As such, specifying the storage type in the environment will remove all parameters related to the old storage configuration.