From d50a07c1494083e9d9c4d20ea7ab813956509cdb Mon Sep 17 00:00:00 2001 From: Josh Dolitsky <393494+jdolitsky@users.noreply.github.com> Date: Fri, 24 Jan 2020 11:47:16 -0600 Subject: [PATCH 1/4] rename Dockerfile to Dockerfile.build Signed-off-by: Josh Dolitsky <393494+jdolitsky@users.noreply.github.com> --- .gitignore | 1 + Dockerfile => Dockerfile.build | 0 Makefile | 4 ++-- 3 files changed, 3 insertions(+), 2 deletions(-) rename Dockerfile => Dockerfile.build (100%) diff --git a/.gitignore b/.gitignore index 14a36c38..4dcdfd83 100644 --- a/.gitignore +++ b/.gitignore @@ -16,3 +16,4 @@ bazel-* coverage.txt test/data/ *.orig +.idea/ diff --git a/Dockerfile b/Dockerfile.build similarity index 100% rename from Dockerfile rename to Dockerfile.build diff --git a/Makefile b/Makefile index 242b1291..0494eda3 100644 --- a/Makefile +++ b/Makefile @@ -43,9 +43,9 @@ run: binary test .PHONY: binary-container binary-container: - ${CONTAINER_RUNTIME} build ${BUILD_ARGS} -f Dockerfile -t zot:latest . + ${CONTAINER_RUNTIME} build ${BUILD_ARGS} -f Dockerfile.build -t zot-build:latest . ${CONTAINER_RUNTIME} run --rm --security-opt label=disable -v $$(pwd):/go/src/github.com/anuvu/zot \ - zot:latest make + zot-build:latest make .PHONY: binary-stacker binary-stacker: From dfd8b84344b360e6954f8cc01cee2bdac5f56df7 Mon Sep 17 00:00:00 2001 From: Josh Dolitsky <393494+jdolitsky@users.noreply.github.com> Date: Fri, 24 Jan 2020 11:54:38 -0600 Subject: [PATCH 2/4] Add new Dockerfile and README instructions Signed-off-by: Josh Dolitsky <393494+jdolitsky@users.noreply.github.com> --- Dockerfile | 27 +++++++++++++++++++++++++++ Makefile | 4 ++++ README.md | 42 +++++++++++++++++++++++++++++++++++++++++- 3 files changed, 72 insertions(+), 1 deletion(-) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000..6f1a6ae9 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,27 @@ +# --- +# Stage 1: Install certs, build binary, create default config file +# --- +FROM docker.io/golang:1.13.6-alpine3.11 AS builder +RUN apk --update add git make ca-certificates +RUN mkdir -p /go/src/github.com/anuvu/zot +WORKDIR /go/src/github.com/anuvu/zot +COPY . . +RUN CGO_ENABLED=0 make clean binary +RUN echo -e '# Default config file for zot server\n\ +http:\n\ + address: 0.0.0.0\n\ + port: 5000\n\ +storage:\n\ + rootDirectory: /var/lib/registry' > config.yml && cat config.yml + +# --- +# Stage 2: Final image with nothing but certs, binary, and default config file +# --- +FROM scratch AS final +COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt +COPY --from=builder /go/src/github.com/anuvu/zot/bin/zot /zot +COPY --from=builder /go/src/github.com/anuvu/zot/config.yml /etc/zot/config.yml +ENTRYPOINT ["/zot"] +EXPOSE 5000 +VOLUME ["/var/lib/registry"] +CMD ["serve", "/etc/zot/config.yml"] diff --git a/Makefile b/Makefile index 0494eda3..f3dc65ef 100644 --- a/Makefile +++ b/Makefile @@ -50,3 +50,7 @@ binary-container: .PHONY: binary-stacker binary-stacker: stacker build --substitute PWD=$$PWD --no-cache + +.PHONY: image +image: + ${CONTAINER_RUNTIME} build ${BUILD_ARGS} -f Dockerfile -t zot:latest . diff --git a/README.md b/README.md index 124a6b35..6817356d 100644 --- a/README.md +++ b/README.md @@ -42,18 +42,58 @@ make binary-stacker ``` make - ``` Build artifacts are in bin/ # Serving + ``` bin/zot serve _config-file_ ``` Examples of config files are available in [examples/](examples/) dir. +# Container Image + +The [Dockerfile](./Dockerfile) in this repo can be used to build a container image +that runs _zot_. + +To build the image: + +``` +make image +``` + +Then run the image with your preferred container runtime: + +``` +# with podman +podman run --rm -p 5000:5000 \ + -v $(pwd)/registry:/var/lib/registry \ + zot:latest + +# with docker +docker run --rm -p 5000:5000 \ + -v $(pwd)/registry:/var/lib/registry \ + zot:latest +``` + +By default, the server will use no auth, listen on port 5000, +and store content at `/var/lib/registry`. + +If you wish use custom configuration settings, you can override +the YAML config file located at `/etc/zot/config.yml`: + +``` +# Example: using a local file "custom-config.yml" that +# listens on port 8080 and uses /tmp/zot for storage +podman run --rm -p 8080:8080 \ + -v $(pwd)/custom-config.yml:/etc/zot/config.yml \ + -v $(pwd)/registry:/tmp/zot \ + zot:latest +``` + # Ecosystem Since we couldn't find clients or client libraries that are stictly compliant to From 98c3237d2fb663e82603b15adfff4c00fe9fc966 Mon Sep 17 00:00:00 2001 From: Josh Dolitsky <393494+jdolitsky@users.noreply.github.com> Date: Mon, 27 Jan 2020 09:44:07 -0600 Subject: [PATCH 3/4] Clarify defaults for running container image --- README.md | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 6817356d..7b0df8a1 100644 --- a/README.md +++ b/README.md @@ -59,7 +59,7 @@ Examples of config files are available in [examples/](examples/) dir. The [Dockerfile](./Dockerfile) in this repo can be used to build a container image that runs _zot_. -To build the image: +To build the image with ref `zot:latest`: ``` make image @@ -69,25 +69,21 @@ Then run the image with your preferred container runtime: ``` # with podman -podman run --rm -p 5000:5000 \ - -v $(pwd)/registry:/var/lib/registry \ - zot:latest +podman run --rm -p 5000:5000 -v $(pwd)/registry:/var/lib/registry zot:latest # with docker -docker run --rm -p 5000:5000 \ - -v $(pwd)/registry:/var/lib/registry \ - zot:latest +docker run --rm -p 5000:5000 -v $(pwd)/registry:/var/lib/registry zot:latest ``` -By default, the server will use no auth, listen on port 5000, -and store content at `/var/lib/registry`. +This will run a registry at http://localhost:5000, storing content at `./registry` +(bind mounted to `/var/lib/registry` in the container). By default, auth is disabled. If you wish use custom configuration settings, you can override the YAML config file located at `/etc/zot/config.yml`: ``` # Example: using a local file "custom-config.yml" that -# listens on port 8080 and uses /tmp/zot for storage +# listens on port 8080 and uses /tmp/zot for storage root podman run --rm -p 8080:8080 \ -v $(pwd)/custom-config.yml:/etc/zot/config.yml \ -v $(pwd)/registry:/tmp/zot \ From 9863c80bc3be7ad2aa7f3b4a9e03cb6179ea0f3a Mon Sep 17 00:00:00 2001 From: Josh Dolitsky <393494+jdolitsky@users.noreply.github.com> Date: Mon, 27 Jan 2020 09:47:08 -0600 Subject: [PATCH 4/4] Add -it flags --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 7b0df8a1..12cbf3da 100644 --- a/README.md +++ b/README.md @@ -69,10 +69,10 @@ Then run the image with your preferred container runtime: ``` # with podman -podman run --rm -p 5000:5000 -v $(pwd)/registry:/var/lib/registry zot:latest +podman run --rm -it -p 5000:5000 -v $(pwd)/registry:/var/lib/registry zot:latest # with docker -docker run --rm -p 5000:5000 -v $(pwd)/registry:/var/lib/registry zot:latest +docker run --rm -it -p 5000:5000 -v $(pwd)/registry:/var/lib/registry zot:latest ``` This will run a registry at http://localhost:5000, storing content at `./registry`