We need to install https://docs.docker.com/registry/ locally so that we can serve our own docker images to kubernetes without relying on a third party.
Our original idea was as follows:
- Users push their code to a specific git repository (or some script does that for them)
- A docker image is built (via CI) from any commit to that branch
This means what follows:
- Authentication of users will be performed by the git repository, so we just need to make the registry private and accessible to kubernetes and the CI system only.
- We might have medium to large storage requirements. We could use NFS as a simple intial solution, but I'd like to use Swift as a storage system in the middle-to-long run (see https://docs.docker.com/registry/storagedrivers/)
- Since this registry would be private, and thus relatively low traffic, I don't really see a point in making it load-balanced.
- Looking at the registry's Dockerfile, it seems pretty easy to puppetize if we want to. But, should we?
My personal preferred way of running this would be as a container running on the kubernetes cluster itself (or more than one, depending on the load...) and deferring storage to an external object store.