====== Infrasturcture: Docker Registry ======

The official docker registry has been deployed alongside a small registry browser to make it easy to see what images are available

The frontend is accessible via http only currently. The registry however is access via SSL

The registry hosts pre-built custom docker images that can be deployed on any docker instance with access to do so

Access is granted to the services via the currently named ''gitea-access'' ipset
===== Installation =====

Clone the git repositories and run a ''puppet apply'' operation across the local repositories to setup the services

   * ''puppet-docker''
  * ''puppet-docker-registry''
===== Docker Registry =====

  * **access:** [[https://beacon.tombstones.org.uk:25443/|​https://beacon.tombstones.org.uk:25443]]
  * **container:**  docker-registry
  * **network:**  docker-registry
  * **ip**: 172.168.0.2
  * **iptables:**''-A DOCKER-USER -i eth0 -p tcp –dest 172.168.0.2 -m set ! –match-set gitea-access src,dst -j DROP -m comment –comment "Prevent Access to Docker Registry"''
  * **volume**: /home/docker-data/registry
===== Docker Registry Frontend =====

  * **access:** [[http://beacon.tombstones.org.uk:28080/|​http://beacon.tombstones.org.uk:28080]]
  * **container:**  docker-registry-frontend
  * **network:**  docker-registry
  * **ip**: 172.168.0.3
  * **iptables:**''-A DOCKER-USER -i eth0 -p tcp –dest 172.168.0.3 -m set ! –match-set gitea-access src,dst -j DROP -m comment –comment "Prevent Access to Docker Registry"''
  * **volume**: n/a