Flux7 Flux7
  • Digital Innovation
      • Digital Innovation
      Enable Software Innovation
      • CI/CD: Accelerate Deployments Through Pipelines
      • Containers Infrastructure:Improve Agility with Containers
      • Build:Custom Toolchain Deployment
      • Microservices: Speed Application Development
      • HPC:Product Design & Simulation
      • Renovate:Application Migration to the Cloud
      • Serverless:Innovate at the Speed of the Market
      Scale Enterprise DevOps
      • AWS DevOps Consulting:  Refactor Large Quantities of Apps to AWS
      • Cloud-Native Architectures: Accelerate Business with Cloud-Native Services
  • Operational Excellence
      • Services
      Cloud Implementation Services
      • Cloud Migration Services: Streamline Your Cloud Migration
      • Build Cloud Foundations: Accelerate Adoption with Strong Cloud Foundations
      • ISV Workloads on Cloud: Defined Solutions and Proven IP
      • High-Performance Computing Services: Exploit Cloud Elasticity and Scalability
      Enforce Security and Compliance
      • Automate Compliance: Meet Corporate and Legal Requirements
      • Web Application Firewall:Protect Vital Data and Functions

      Our landing zones on AWS emphasizes training, documentation, and resources to help teams new to AWS get the skills they need for long-term business agility.

      Gain a Landing Zone That Fits Your Needs Today

  • Industries
      • Industries
       
      • Energy:Cloud Solutions for the Energy Industry
      • Finance: Secure Infrastructure for Improved Customer Service and Analytics
      • Healthcare & Life Sciences: Meet Security & Compliance Requirements
      • Hospitality: Increase Customer Acquisition
       
      • Manufacturing: Innovation with Digital Transformation
      • Retail:Grow Customer Loyalty and Lifetime Value
      • Semiconductor: Legacy Modernization Services
      • Software:Grow Developer Agility and Application Reliability
       

      Read our industry success stories and the benefits our customers saw

      Read the Case Studies

  • Tech
      • Tech
      Flux7 Tech
      • DevOps Toolchain: Reduce DevOps Challenges
      • Amazon Web Services: Reduce Complexities and Risks in AWS Architectures
      • AWS Database Services: Design and Implementation of Infrastructure for Cloud-Based Databases
      Configuration
      • Cloud Configuration: Gain Greater Consistency, Repeatability & Agility
      • HashiCorp Terraform: Defining Infrastructure as Code 
      • AWS CloudFormation: Reduce Maintenance and Improve Security
      Containers
      • Container Infrastructure: Improve Agility with Containers
      • Docker: Build, Ship and Run Applications Anywhere
      • Kubernetes: Container Consulting Services
      • Red Hat OpenShift: Speed Code Delivery

      Rapidly adopt technology to achieve Infrastructure as Code and continuous delivery and support of applications and workloads.

      Create Your DevOps Toolchain

  • Resources
      • Resources
      Research & Reports
      • Analyst Insights & Reports
      • Blog
      • Case Studies
      • White Papers
      News & Events
      • Events Calendar
      • Newsroom
      • Press Releases
      Flux7 Academy
      • Tech Tutorials

      Read about what we do, how we do it and how our customer's benefit from our solutions.

      Read and Download Our Case Studies

  • About
      • About Flux7
      Get To Know Us
      • About Flux7
      • Awards & Recognitions
      • Meet Our Team
      Work With Us
      • Careers
      • Our Culture
      Partner With Us
      • Flux7 partners with technology vendors who deliver solutions to help our customers address scalability, security, reduce the cost of infrastructure delivery and improve speed to market.

      Welcome to Flux7! Get to know us a bit better and discover what makes us different than other DevOps Consultants.

      Discover What Makes Us Different

  • Contact us
An NTT DATA Company

Login Contact us

Docker Tutorial Series, Part 4: Registry & Workflows

Array ( [0] => WP_Term Object ( [term_id] => 90 [name] => Blog [slug] => blog [term_group] => 0 [term_taxonomy_id] => 90 [taxonomy] => category [description] => [parent] => 0 [count] => 636 [filter] => raw ) )

Docker Tutorial Series, Part 4: Registry & Workflows

By Flux7 Labs
May 22, 2014

In the previous Docker Tutorial Series post, we discussed the importance of DockerFile and provided a list of DockerFile commands that makes the automation of image creation easier. In this post, let’s talk about a significant Docker component: Docker Registry. This is the central registry for all repositories, public and private, and their workflows. But, before we dive into Docker Registry, let’s go over some common terms and concepts related to repositories.

1. Repositories can be “liked” using stars or by being bookmarked.

2. Interact with the community by using the comment service to leave “comments” on the repositories.

3. Private repositories are similar to public ones, except that the former does not show up on search results and give access rights to it. A user, set as a collaborator, only has access to the private repositories.

4. Configure webhooks after a successful push has been made.

Docker Registry has three roles to play: the index, registry and registry client.

 

Role #1 — Index: The index is responsible for and maintains information about user accounts, checksums of the images, and public namespaces. It maintains such information using the following components:

a. Web UI

b. Meta-data store

c. Authentication service

d. Tokenization

It also resolves longer URLs for easier use and authenticates owners to repositories.

 

Role #2 — Registry: The registry houses the images and graphs for the repositories. However, it does not have a local database and provides no user authentication. Database support is provided by S3, cloud files and local FS. Furthermore, the authentication is taken care of by the Index Auth service using tokens. Registries can be of different types. Let’s analyze a few of them:

1. Sponsor Registry: A third-party registry for use by its customers and the #Docker community.

2. Mirror Registry: A third-party registry for use by only its customers.

3. Vendor Registry: A registry provided by a vendor who distributes #Docker images.

4. Private Registry: A registry operated by a private entity with a firewall and additional layers of security.

 

Role #3 — Registry Client:  Docker acts as the registry client that maintains push and pull, as well as client authorizations.

Docker Registry in Action

Now, let’s discuss five scenarios to better comprehend the working of Docker Registry. Scenario A: A user wants to pull or download an image. The steps that are involved are as follows:

Step 1: The user places a request to the index to download the image.

Step 2: The index, in response, returns three pertinent pieces of information:

a. The registry in which the image is located

b. Checksums for the image, including all layers

c. Token for authorization purposes

Note: Tokens are only sent when the request has the X-Docker-Token in the header. While private repositories need basic authentication, it’s not mandatory for public repositories.

Step 3: The user now contacts the registry with the token that was returned in the response. The registry is wholly responsible for the images. It stores the base image and the inherited layers.

Step 4: The registry now confirms with the Index that the token is authorized.

Step 5: The index now sends a “true” or “false” to the registry, thereby allowing the user to download the needed image

pull


Scenario B: The user wants to push an image to the registry. The steps involved are as follows:

Step 1: The user contacts the index with credentials requesting allocation of the repository name.

Step 2: On successful authentication and namespace availability, the repository name is allocated. A temporary token is returned in response.

Step 3: The image, along with the token, is pushed to the registry.

Step 4: The registry confirms the token with the index, then starts reading the pushed stream after validation by the index.

Step 5: The index is then updated with the image checksums by Docker.

push


Scenario C: The user wants to delete an image from the index or registry.

Step 1: The index receives a signal from Docker to delete the repository.

Step 2: If the index validates the repository, it deletes the repository and returns a temporary token.

Step 3: The registry now receives the delete signal, along with the token.

Step 4: The token is verified with the index, and the registry deletes the repository and all related information.

Step 5: Docker now intimates the index about the deletion, and the index removes all records of the repository.

delete


Scenario D: The user wishes to use the registry in standalone mode without the index. Use of the registry, without the index, which is under the full control of #Docker, is best suited for storing images on private networks. The registry spins up in a special mode which restricts communication with the Docker index. All security and authentication needs to be taken care of by the user.


Scenario E: The user wishes to use the registry in standalone mode with the index. In this scenario, a custom index is created to store and access images in a private network. However, the overhead is to inform Docker about the custom index. #Docker provides an interesting concept of chaining registries, which in turn, enables load balancing and allocation of a specific registry for specific requests. In the next Docker Tutorial Series post, we will discuss how to use the Docker Registry API for each of the above-mentioned scenarios, as well as delve into Docker Security.

In the meantime, let’s keep the conversation going. If you have any inquiries about Docker registry and workflows, send us an email to info@flux7.com. 

Other Tutorials in this series:


Docker Tutorial Series, Part 1: An Introduction | Docker Components

Docker Tutorial Series, Part 2: The 15 Commands

Docker Tutorial Series, Part 3: Automation is the Word Using DockerFile

Docker Tutorial Series, Part 5: Docker Security

Docker Tutorial Series, Part 6: The Next 15 Docker Commands

Docker Tutorial Series, Part 7: Ultimate Guide for Docker APIs

Docker Tutorial Series, Part 8: Docker Remote API

Categories:
Tags: Docker, Docker Tutorials
Share This Article
Facebook Twitter Pinterest Linkedin
Prev Post
Next Post

Related Articles

IT Modernization and DevOps News Week in Review 1.18.2021
By Flux7 Labs
January 18, 2021

IT Modernization and DevOps News Week in Review 1.18.2021

READ MORE
re:Invent Round-Up of AWS DevOps Announcements
By Flux7 Labs
December 21, 2020

re:Invent Round-Up of AWS DevOps Announcements

READ MORE

Recent Posts

  • IT Modernization and DevOps News Week in Review 1.18.2021

  • re:Invent Round-Up of AWS DevOps Announcements

  • How Will SASE Change Networking in 2021?

  • AWS re:Invent Machine Learning Round-Up

  • How to Publish Managed Images to the Azure Marketplace

  • AWS re:Invent News Round-Up

  • Shave Days off Azure Marketplace Publishing with Automated Testing

  • IT Modernization and DevOps News Week in Review 11.30.2020

  • How To: Multi-Cluster Monitoring in Amazon EKS

  • IT Modernization and DevOps News Week in Review 11.16.2020

Flux7
  • About Flux7
  • Contact Us
  • Careers at Flux7
  • Newsroom
  • Meet our Team
Services
  • Enable Software Innovation
  • Enforce Security and Compliance
  • Adopt Cloud
  • Cloud Migration Services
  • Secure the Cloud
Resources
  • Analysts Reports
  • Case Studies
  • White Papers
About Flux7

Flux7, an NTT DATA Company, helps enterprises reduce the complexities of new and evolving cloud automation strategies. Agile and DevOps-native, Flux7’s robust IT services portfolio prioritizes a fast path to ROI, is transformation focused and creates secure and stable pathways for operational excellence.

Follow Us
Flux7, an NTT DATA Company | All Rights Reserved | Privacy Policy