DEV Community

Cover image for Setup Docker locally for private registries
Tanmay Jain
Tanmay Jain

Posted on • Edited on

Setup Docker locally for private registries

Why would you need this setup ever?

For organizations that build their own Base Images or have custom Docker Base Images, will most likely be hosted on a private Docker Registry like AWS etc.

To run those Dockerfiles on your local machine, one would require to authenticate first. There can be external authorization services being used in combination with Docker Registries like Artifactory (jFrog).

What is a Docker (private) registry?

A Docker registry is a storage and distribution system for named Docker images.

A private Docker registry allows you to share and use base images within your organization. It is a centralized source of truth for the building blocks of your architecture.

Docker Registry

Getting Started

In this example, we would focus on Artifactory as a Authorization Service for our private images and plugins.

Downloading the base Custom Image:

You will need to login into the Docker Registry using your credentials.

For Artifactory,

  • Login to your company's Artifactory client.
  • Click on top-right corner on your name.
  • Select Set me up
  • Package Type: docker
  • Select relevant Repository.

Now, you should see the command you need to run to authenticate and download private images.

It should be something like:

docker login {org-name}-{docker-repository-name}.jfrog.io
Enter fullscreen mode Exit fullscreen mode

Alternatively, you can manually add your credentials in ~/.docker/config.json file like:

{
    "auths": {
        "https://{org-name}-{docker-repository-name}.jfrog.io": {
            "auth": "{username}:{PASSWORD} (converted to base 64)",
            "email": "youremail@email.com"
        }
    }
}
Enter fullscreen mode Exit fullscreen mode

Now that you have access to download custom private images. Lets take a look at what our Dockerfile would look like and how can we install private libraries which are also hosted on Artifactory.

Setting up Dockerfile for private libraries:

We will be focusing on Artfactory as an authentication service for our private libraries / gems etc.

Our Dockerfile should look something like this:

# Fetch base image
FROM {org-name}-{docker-repository-name}.jfrog.io/{path-to-docker-image}
LABEL maintainer="Tanmay Jain <tanmayj28@gmail.com>"

# Setup your work directory
ARG APP_HOME=/home/app/web
WORKDIR $APP_HOME

# Copy required files
COPY Gemfile.lock $APP_HOME
RUN gem install bundler --force -N -v "$(tail -n 1 Gemfile.lock | tr -d '[:blank:]\n')" && bundle --version

COPY . $APP_HOME

RUN chown -R app:app $APP_HOME

USER app

# Setup ssh keys to allow installing gems from artifactory
ARG SSH_KEY
ENV SSH_KEY=$SSH_KEY

# Create id_rsa from string arg, and set permissions
RUN echo "$SSH_KEY" > /root/.ssh/id_rsa
RUN chmod 600 /root/.ssh/id_rsa

# Create known_hosts
RUN touch /root/.ssh/known_hosts

# bundle rubygems
ENV BUNDLE_DEPLOYMENT=true
ARG BUNDLE_JOBS=4
ARG BUNDLE_WITHOUT=development:test
RUN --mount=type=ssh,target=/home/app/.ssh/id_rsa,uid=9999,gid=9999 \
    --mount=type=secret,id=artifactory,uid=9999,gid=9999 \
    BUNDLE_{ORG-NAME}__JFROG__IO={JFROG_USERNAME}:{JFROG_API_KEY} bundle install

EXPOSE 3000
CMD ["bundle", "exec", "rails", "server"]

Enter fullscreen mode Exit fullscreen mode

and we would build from our Dockerfile using command:

docker build --build-arg SSH_KEY="$(cat ~/.ssh/id_rsa)" .
Enter fullscreen mode Exit fullscreen mode

Lets take a look at what we did above:

  • Following command would fetch your private custom base image which now you have access to.
FROM {org-name}-{docker-repository-name}.jfrog.io/{path-to-docker-image}
Enter fullscreen mode Exit fullscreen mode
  • Following command would copy your Gemfile.lock, which is needed for bundlig gems. You would need other files like, package.json, yarn.lock Gemfile etc. ot be copied as well (as per need).
COPY Gemfile.lock $APP_HOME
Enter fullscreen mode Exit fullscreen mode
  • Following command is used to add your private ssh keys which probably have access granted to download private libraries.
ARG SSH_KEY
ENV SSH_KEY=$SSH_KEY
RUN echo "$SSH_KEY" > /root/.ssh/id_rsa
RUN chmod 600 /root/.ssh/id_rsa
RUN touch /root/.ssh/known_hosts
Enter fullscreen mode Exit fullscreen mode
  • Following command is used to install the private gems / libraries using the ssh key we just copied.
RUN --mount=type=ssh,target=/home/app/.ssh/id_rsa,uid=9999,gid=9999 \
    --mount=type=secret,id=artifactory,uid=9999,gid=9999 \
    BUNDLE_{ORG-NAME}__JFROG__IO={JFROG_USERNAME}:{JFROG_API_KEY} bundle install
Enter fullscreen mode Exit fullscreen mode

And that is how you setup your local machine with Docker pulling images and libraries from your private stores.

Top comments (0)