Setup a Private Docker Repository

Docker images are stored in repositories. In class we browsed the public repository on DockerHub. That’s a great place to find images to use. GitHub has a public repository that’s great for building images from your source code. But what if your image contains proprietary code or secrets? If that’s the case you need a private repository for your images. The cloud vendors all have private repositories that you can enable for your work. In this lab we’ll setup a private repo.

Create a Repository

Containers images are stored in a registry. In class I’ll demonstrate how to enable Google’s Artifact Registry to store your containers using the web Here’s how to do that with the gcloud command:

$ REGION=$(gcloud config get-value compute/region)
$ PROJECT=$(gcloud config get-value core/project)
$ REPO=cis-92
$ gcloud config set artifacts/location $REGION
$ gcloud artifacts repositories create $REPO --repository-format=docker
$ gcloud auth configure-docker ${REGION}-docker.pkg.dev
$ echo Your repo is: ${REGION}-docker.pkg.dev/${PROJECT}/${REPO}

Make a note of your repo url. It should look like this:

us-central1-docker.pkg.dev/project-id/repo-name

Enable HTTP in the Firewall

Deployed containers need to communicate with the Internet. By default, there are no firewall rules allowing the communication on your default VPC. This gcloud command changes that.

$ gcloud compute firewall-rules create allow-http --direction=INGRESS --priority=1000 --network=default --action=ALLOW --rules=tcp:80 --source-ranges=0.0.0.0/0 --target-tags=http-server