Puppet Class: docker::registry

Defined in:
modules/docker/manifests/registry.pp

Overview

Parameters:

  • config (Hash) (defaults to: {})
  • storage_backend (String) (defaults to: 'filebackend')
  • datapath (Stdlib::Unixpath) (defaults to: '/srv/registry')
  • swift_user (Optional[String]) (defaults to: undef)
  • swift_password (Optional[String]) (defaults to: undef)
  • swift_url (Optional[Stdlib::Httpsurl]) (defaults to: undef)
  • swift_container (Optional[String]) (defaults to: undef)


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
# File 'modules/docker/manifests/registry.pp', line 1

class docker::registry(
    Hash $config = {},
    String $storage_backend = 'filebackend',
    Stdlib::Unixpath $datapath = '/srv/registry',
    Optional[String] $swift_user = undef,
    Optional[String] $swift_password = undef,
    Optional[Stdlib::Httpsurl] $swift_url = undef,
    Optional[String] $swift_container = undef,
){

    ensure_packages(['docker-registry'])

    case $storage_backend {
        'filebackend': {
            $storage_config = {
                'filesystem' => { 'rootdirectory' => $datapath },
                'cache'      => { 'blobdescriptor' => 'inmemory' },
            }
            file { $datapath:
                ensure => directory,
                mode   => '0775',
                owner  => 'docker-registry',
                group  => 'docker-registry',
            }
        }
        'swift': {
            $storage_config = {
                'swift'  => {
                    'username'  => $swift_user,
                    'password'  => $swift_password,
                    'authurl'   => $swift_url,
                    'container' => $swift_container,
                },
                'cache' => {
                    'blobdescriptor' => 'inmemory',
                },
            }
        }
        default: { fail("Unsupported storage backend ${storage_backend}") }
    }


    $base_config = {
        'version' => '0.1',
        'storage' => $storage_config,
        'http'     => {
            'addr' => '127.0.0.1:5000',
        },
    }

    # This is by default 0700 for some reason - nothing sensitive inside
    # that doesn't have additional protection
    file { '/etc/docker':
        ensure => directory,
        mode   => '0555',
    }


    file { '/etc/docker/registry/config.yml':
        # Deep merge so that base settings can be overwritten. Base settings
        # as the first arg so that param provided config can be overridden:
        # * When there is a duplicate key that is a hash, they are recursively
        #   merged.
        # * When there is a duplicate key that is not a hash, the key in the
        #   rightmost hash will "win."
        content => to_yaml(deep_merge($base_config, $config)),
        owner   => 'docker-registry',
        group   => 'docker-registry',
        mode    => '0440',
        notify  => Service['docker-registry'],
    }

    service { 'docker-registry':
        ensure  => running,
        require => File[
            '/etc/docker',
            '/etc/docker/registry/config.yml'
        ],
    }

    rsyslog::input::file { 'registry-nginx-error':
        path => '/var/log/nginx/error.log',
    }

    rsyslog::input::file { 'registry-nginx-access':
        path => '/var/log/nginx/access.log',
    }
}