Setup a Private Docker Repository#

Docker images are stored in repositories. In class we browsed the public repository on DockerHub. That’s a great place to find images to use. GitHub has a public repository that’s great for building images from your source code. But what if your image contains proprietary code or secrets? If that’s the case you need a private repository for your images. The cloud vendors all have private repositories that you can enable for your work. In this lab we’ll setup a private repo.

Create a Repository#

Containers images are stored in a registry. In class I’ll demonstrate how to enable Google’s Artifact Registry to store your containers using the web Here’s how to do that with the gcloud command:

$ REGION=$(gcloud config get-value compute/region)
$ PROJECT=$(gcloud config get-value core/project)
$ REPO=cis-92
$ gcloud config set artifacts/location $REGION
$ gcloud artifacts repositories create $REPO --repository-format=docker
$ gcloud auth configure-docker ${REGION}-docker.pkg.dev
$ echo Your repo is: ${REGION}-docker.pkg.dev/${PROJECT}/${REPO}

Make a note of your repo url. It should look like this:

us-central1-docker.pkg.dev/project-id/repo-name

Enable HTTP in the Firewall#

Deployed containers need to communicate with the Internet. By default, there are no firewall rules allowing the communication on your default VPC. This gcloud command changes that.

$ gcloud compute firewall-rules create allow-http --direction=INGRESS --priority=1000 --network=default --action=ALLOW --rules=tcp:80 --source-ranges=0.0.0.0/0 --target-tags=http-server