{"id":72,"date":"2017-03-29T16:53:50","date_gmt":"2017-03-29T08:53:50","guid":{"rendered":"http:\/\/www.jsjs.org\/?p=72"},"modified":"2017-03-29T16:53:50","modified_gmt":"2017-03-29T08:53:50","slug":"using-nexus-3-as-your-repository-part-3-docker-images","status":"publish","type":"post","link":"https:\/\/blog.jsjs.org\/?p=72","title":{"rendered":"Using Nexus 3 as Your Repository \u2013 Part 3: Docker Images"},"content":{"rendered":"

This is the third and last part of a series of posts on Nexus 3 and how to use it as repository for several technologies. (Part 1<\/a>. Part 2<\/a>.)<\/em><\/p>\n

Installation<\/strong><\/p>\n

Check out the first part of this series to see how we installed and ran Nexus 3 using a single docker command. Just do that and the installation is done.<\/p>\n

Configuring Nexus as a Docker repo<\/strong><\/p>\n

What we will do:
\n\u2013 create a private (hosted) repository for our own images
\n\u2013 create a proxy repository pointing to Docker Hub
\n\u2013 create a group repository to provide all the above repos under a single URL<\/p>\n

I suggest you to create a new blob store for each new repo you want to create. That way, the data for every repo will be in a different folder in \/nexus-data (inside the Docker container). But this is not mandatory for it to work.<\/p>\n

By default, the Docker client communicates with the repo using HTTPS. In my use case I had to configure it with HTTP, because we didn\u2019t have the certificate nor the knowledge on how to obtain it.<\/p>\n

Important to notice: the Docker repo requires 2 different ports. We are going to use 8082 for pull from the proxy repo and 8083 for pull and push to the private repo.<\/p>\n

I had some problems with slightly older versions of Docker, so I strongly suggesting you to start with the version that I\u2019ve tested with, that is 1.12.3.<\/p>\n

private repo<\/strong><\/p>\n

A repository for Docker images that your team creates.<\/p>\n

Create a new Docker (hosted) repository and configure it like:<\/p>\n

\"rafael<\/a><\/p>\n

proxy repo<\/strong>
\nA repository that proxies everything you download from the official registry, Docker Hub. Next time you download the same dependency, it will be cached in your Nexus.<\/p>\n

Create a new Docker (proxy) repository and configure it like:<\/p>\n

\"rafael<\/a><\/p>\n

\"rafael<\/a>
\ngroup repo<\/strong>
\nThis will group all the above repos and provide you a single URL to configure your clients to download from to.<\/p>\n

Create a new Docker (group) repository and configure it like:<\/p>\n

\"rafael<\/p>\n

\"rafael6\"<\/p>\n

You can create as many repos as you need and group them all in the group repo.<\/p>\n

This step is actually optional to use Nexus 3 as a Docker repository, because we can stick to pulling and pushing to the proxy and hosted repositories as will be discussed later.<\/p>\n

Configuring your clients and projects to use your Nexus repos<\/strong>
\nTo interact with your repo, the first thing is to configure the Docker daemon in your machine to accept working with HTTP instead of HTTPS.<\/p>\n

How exactly to do this config depends on your operating system, so you should check dockerd<\/a> documentation. On RHEL I did it putting this content in \/etc\/docker\/daemon.json<\/code>:<\/p>\n

\n
{<\/span>\n  \"insecure-registries\"<\/span>:<\/span> [<\/span>\n    \"your-repo:8082\"<\/span>,<\/span>\n    \"your-repo:8083\"<\/span>\n  ],<\/span>\n  \"disable-legacy-registry\"<\/span>:<\/span> true<\/span>\n}<\/span>\n<\/code><\/pre>\n<\/div>\n
You have to restart the daemon after setting this (sudo systemctl restart docker<\/code>).<\/p>\n
On Windows or Mac you should config your deamon in a box like this:<\/p>\n
Now we have to authenticate your machine to the repo with:<\/p>\n
\n
docker login -u admin -p admin123 your-repo:8082\ndocker login -u admin -p admin123 your-repo:8083\n<\/code><\/pre>\n<\/div>\n
This will create an entry in ~\/.docker\/config.json<\/code>:<\/p>\n
\n
{<\/span>\n\t\"auths\"<\/span>:<\/span> {<\/span>\n\t\t\"your-repo:8082\"<\/span>:<\/span> {<\/span>\n\t\t\t\"auth\"<\/span>:<\/span> \"YWRtaW46YWRtaW4xMjM=\"<\/span>\n\t\t},<\/span>\n\t\t\"your-repo:8083\"<\/span>:<\/span> {<\/span>\n\t\t\t\"auth\"<\/span>:<\/span> \"YWRtaW46YWRtaW4xMjM=\"<\/span>\n\t\t}<\/span>\n}<\/span>\n<\/code><\/pre>\n<\/div>\n
To pull images from your repo, use (notice port 8082<\/strong> being used):<\/p>\n
\n
docker pull your-repo:8082\/httpd:2.4-alpine\n<\/code><\/pre>\n<\/div>\n
To push your own images to your repo, you have to tag the image with a tag that points to the repo. This is strange to me, since I was trying to think about Docker tags the same way I do about Git tags, but they seem be somewhat different (notice port 8083<\/strong> being used):<\/p>\n
\n
docker tag your-own-image:1 your-repo:8083\/your-own-image:1\ndocker push your-repo:8083\/your-own-image:1\n<\/code><\/pre>\n<\/div>\n
To pull your own images from the repo, you can use:<\/p>\n
\n
docker tag your-own-image:1 your-repo:8082\/your-own-image:1\n# or\ndocker tag your-own-image:1 your-repo:8083\/your-own-image:1\n<\/code><\/pre>\n<\/div>\n
Both ports will work. I suspect that is because using port 8083 will connect directly to the hosted repo, whilst using port 8082 will connect to the group repo, which contains the hosted repo. I suggest you to stick to port 8083<\/strong> to avoid duplicate images in your machines. If you chose to stick with port 8083 to pull your own images, you probably could skip creating the group repo, if you prefer.<\/p>\n","protected":false},"excerpt":{"rendered":"
This is the third and last part of a series of posts on Nexus 3 and how to use it […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[1],"tags":[],"class_list":["post-72","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=\/wp\/v2\/posts\/72","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=72"}],"version-history":[{"count":0,"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=\/wp\/v2\/posts\/72\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=72"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=72"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=72"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\"rafael<\/a><\/p>\n