From f674809fd2eef49412a2b5c773cae1cf6f00412d Mon Sep 17 00:00:00 2001 From: David Young Date: Mon, 25 Jul 2022 13:51:41 +1200 Subject: [PATCH] Improve registry and heimdall pages Signed-off-by: David Young --- manuscript/docker-swarm/registry.md | 42 +++++++++++------------ manuscript/recipes/autopirate/heimdall.md | 13 ++++--- 2 files changed, 27 insertions(+), 28 deletions(-) diff --git a/manuscript/docker-swarm/registry.md b/manuscript/docker-swarm/registry.md index cbc26e8..adaa6a3 100644 --- a/manuscript/docker-swarm/registry.md +++ b/manuscript/docker-swarm/registry.md @@ -1,4 +1,8 @@ -# Create registry mirror +--- +title: Setup pull through Docker registry / cache +description: You may not _want_ your cluster to be pulling multiple copies of images from public registries, especially if rate-limits (hello, Docker Hub!) are a concern. Here's how you setup your own "pull through cache" registry. +--- +# Create Docker "pull through" registry cache Although we now have shared storage for our persistent container data, our docker nodes don't share any other docker data, such as container images. This results in an inefficiency - every node which participates in the swarm will, at some point, need the docker image for every container deployed in the swarm. @@ -8,15 +12,17 @@ The solution is to run an official Docker registry container as a ["pull-through The registry mirror runs as a swarm stack, using a simple docker-compose.yml. Customize **your mirror FQDN** below, so that Traefik will generate the appropriate LetsEncrypt certificates for it, and make it available via HTTPS. -## Ingredients +## Requirements -1. [Docker swarm cluster](/docker-swarm/design/) with [persistent shared storage](/docker-swarm/shared-storage-ceph/) -2. [Traefik](/docker-swarm/traefik/) configured per design -3. DNS entry for the hostname you intend to use, pointed to your [keepalived](/docker-swarm/keepalived/) IP +!!! summary "Ingredients" -## Preparation + * [ ] [Docker swarm cluster](/docker-swarm/design/) with [persistent shared storage](/docker-swarm/shared-storage-ceph/) + * [ ] [Traefik](/docker-swarm/traefik/) configured per design + * [ ] DNS entry for the hostname you intend to use, pointed to your [keepalived](/docker-swarm/keepalived/) IP -Create /var/data/config/registry/registry.yml as per the following example: +## Configuration + +Create `/var/data/config/registry/registry.yml` as per the following docker-compose example: ```yaml version: "3" @@ -44,9 +50,9 @@ networks: ``` !!! note "Unencrypted registry" -We create this registry without consideration for SSL, which will fail if we attempt to use the registry directly. However, we're going to use the HTTPS-proxied version via Traefik, leveraging Traefik to manage the LetsEncrypt certificates required. +We create this registry without consideration for SSL, which will fail if we attempt to use the registry directly. However, we're going to use the HTTPS-proxied version via [Traefik][traefik], leveraging Traefik to manage the LetsEncrypt certificates required. -Create /var/data/registry/registry-mirror-config.yml as per the following example: +Create the configuration for the actual registry in `/var/data/registry/registry-mirror-config.yml` as per the following example: ```yaml version: 0.1 @@ -73,15 +79,15 @@ proxy: remoteurl: https://registry-1.docker.io ``` -## Serving +## Running -### Launch registry stack +### Launch Docker registry stack Launch the registry stack by running `docker stack deploy registry -c ` -### Enable registry mirror and experimental features +### Enable Docker registry mirror -To tell docker to use the registry mirror, and (_while we're here_) in order to be able to watch the logs of any service from any manager node (_an experimental feature in the current Atomic docker build_), edit **/etc/docker-latest/daemon.json** on each node, and change from: +To tell docker to use the registry mirror, edit `/etc/docker-latest/daemon.json` [^1] on each node, and change from: ```json { @@ -96,18 +102,12 @@ To: { "log-driver": "journald", "signature-verification": false, - "experimental": true, "registry-mirrors": ["https://"] } ``` -Then restart docker by running: +Then restart docker itself, by running `systemctl restart docker` -```bash -systemctl restart docker-latest -``` - -!!! tip "" -Note the extra comma required after "false" above +[^1]: Note the extra comma required after "false" above --8<-- "recipe-footer.md" diff --git a/manuscript/recipes/autopirate/heimdall.md b/manuscript/recipes/autopirate/heimdall.md index 53fe90e..836b5e4 100644 --- a/manuscript/recipes/autopirate/heimdall.md +++ b/manuscript/recipes/autopirate/heimdall.md @@ -1,22 +1,21 @@ --- -description: Heimdall is a beautiful dashboard for all your web applications +title: Install Heimdall Dashboard with Docker +description: Heimdall is a beautiful dashboard for all your web applications, and is a perfect combination your self-hosted Docker applications! --- -# Heimdall +# Heimdall in Autopirate Docker Swarm stack !!! warning This is not a complete recipe - it's a component of the [autopirate](/recipes/autopirate/) "_uber-recipe_", but has been split into its own page to reduce complexity. [Heimdall Application Dashboard](https://heimdall.site/) is a dashboard for all your web applications. It doesn't need to be limited to applications though, you can add links to anything you like. -Heimdall is an elegant solution to organise all your web applications. It’s dedicated to this purpose so you won’t lose your links in a sea of bookmarks. +Heimdall provides a single URL to manage access to all of your autopirate tools, and includes "enhanced" (_i.e., display stats within Heimdall without launching the app_) access to [NZBGet][nzbget], [SABnzbd][sabnzbd], and friends. -Heimdall provides a single URL to manage access to all of your autopirate tools, and includes "enhanced" (_i.e., display stats within Heimdall without launching the app_) access to [NZBGet][nzbge], [SABnzbd][nzbget], and friends. - -![Heimdall Screenshot](../../images/heimdall.jpg) +![Heimdall Screenshot](/images/heimdall.jpg) ## Inclusion into AutoPirate -To include Heimdall in your [AutoPirate](/recipes/autopirate/) stack, include the following in your autopirate.yml stack definition file: +To include Heimdall in your [AutoPirate](/recipes/autopirate/) stack, include the following example in your autopirate.yml docker-compose stack definition file: ```yaml heimdall: