While exploring community Docker images, I found myself downloading the same content multiple times. I’d rather not waste my bandwidth. I’d rather not wait on downloading something I’ve downloaded before. But perhaps more importantly, Docker recently changed their terms of service throttling the number of pulls in a given timespan (details on Docker’s site, discussion on HackerNews).
Running my own proxy registry
registry: restart: always image: registry:2 ports: - 11150:5000 volumes: - ./data:/var/lib/registry - ./config.yml:/etc/docker/registry/config.yml
version: 0.1 log: fields: service: registry storage: cache: blobdescriptor: inmemory filesystem: rootdirectory: /var/lib/registry http: addr: :5000 headers: X-Content-Type-Options: [nosniff] health: storagedriver: enabled: true interval: 10s threshold: 3 proxy: remoteurl: https://registry-1.docker.io
And note that
./data is symlinked to a FreeNAS mount.
Configuring Docker’s daemon
I then go about adding
/etc/docker/daemon.json for my VMs (I’ll cover the DNS/TLS/routing aspect
of this in the next post). Note that this type of
post-provisioning customization should probably be done to the VM template or
Ansible scripts. I’ll cover that when I get a chance to work Ansible into my setup.
Update from the future
I ended up having to configure two registries on account of self-hosted registries not being able to function as both proxies and local registries.