The system registry is primarily meant for non-production type usage such as demos, PoCs etc.
Users are required to authenticate to the system registry before they can perform "push" or "pull" operations. Use the following steps to setup authentication.
- Login to the Web Console
- Click My Tools, API & Registry Keys
- Click Manage Keys and then New Registry Key
Make a note of the "key", "secret", and "label". The secret will not be displayed to you again.
The integrated system registry uses Oauth2 Token Authentication for authenticating docker clients. It redirects users automatically to a standalone Oauth service that authenticates docker clients and uses provided credentials in docker login to authenticate and authorize the request for a resource on the registry. For successful requests, a bearer token is returned, which is used by docker client to access a resource on the registry.
This assumes the user is using Docker to access the system registry. On your laptop or system where Docker is installed, type the following command:
sudo docker login rcr.rafay-edge.net
When prompted, enter the following details for credentials
Username: Your web console UI login username (typically your email address) Password: Registry secret
Pushing Container Images¶
Tag the Container Image¶
docker tag <EXISTING_IMAGE_NAME> rcr.rafay-edge.net/<label>/image:tag
For example, to tag the latest nginx image
docker tag nginx:stable rcr.rafay-edge.net/acme/defaultproject/jsmith/nginx:stable
Push the Image¶
docker push rcr.rafay-edge.net/<label>/image:tag
For example, to push the newly tagged image to the system registry
docker push rcr.rafay-edge.net/acme/defaultproject/jsmith/nginx:stable