1 Usage

kwk edited this page 2014-10-01 06:16:51 -07:00

Table of Contents

• Usage
• SSL encryption
• Kerberos authentication

Usage

This application is available in the form of a Docker image that you can run as a container by executing this command:

sudo docker run \
  -d \
  -e ENV_DOCKER_REGISTRY_HOST=ENTER-YOUR-REGISTRY-HOST-HERE \
  -e ENV_DOCKER_REGISTRY_PORT=ENTER-PORT-TO-YOUR-REGISTRY-HOST-HERE \
  -p 8080:80 \
  konradkleine/docker-registry-frontend

This command starts the container and forwards the container's private port 80 to your host's port 8080. Make sure you specify the correct url to your registry.

When the application runs you can open your browser and navigate to http://localhost:8080.

SSL encryption

If you want to run the application with SSL enabled, you can do the following:

sudo docker run \
  -d \
  -e ENV_DOCKER_REGISTRY_HOST=ENTER-YOUR-REGISTRY-HOST-HERE \
  -e ENV_DOCKER_REGISTRY_PORT=ENTER-PORT-TO-YOUR-REGISTRY-HOST-HERE \
  -e ENV_USE_SSL=yes \
  -v $PWD/server.crt:/etc/apache2/server.crt:ro \
  -v $PWD/server.key:/etc/apache2/server.key:ro \
  -p 443:443 \
  konradkleine/docker-registry-frontend

Note that the application still serves the port 80 but it is simply not exposed ;). Enable it at your own will. When the application runs with SSL you can open your browser and navigate to https://localhost.

Kerberos authentication

If you want to use Kerberos to protect access to the registry frontend, you can do the followiung:

sudo docker run \
  -d \
  -e ENV_DOCKER_REGISTRY_HOST=ENTER-YOUR-REGISTRY-HOST-HERE \
  -e ENV_DOCKER_REGISTRY_PORT=ENTER-PORT-TO-YOUR-REGISTRY-HOST-HERE \
  -e ENV_AUTH_USE_KERBEROS=yes \
  -e ENV_AUTH_NAME="Kerberos login" \
  -e ENV_AUTH_KRB5_KEYTAB=/etc/apache2/krb5.keytab \
  -v $PWD/krb5.keytab:/etc/apache2/krb5.keytab:ro \
  -e ENV_AUTH_KRB_REALMS="ENTER.YOUR.REALMS.HERE" \
  -e ENV_AUTH_KRB_SERVICE_NAME=HTTP \
  -p 80:80 \
  konradkleine/docker-registry-frontend

You can of course combine SSL and Kerberos.