Gitlab comme registre de conteneurs Docker

[fusion_builder_container hundred_percent="no" hundred_percent_height="no" hundred_percent_height_scroll="no" hundred_percent_height_center_content="yes" equal_height_columns="no" menu_anchor="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" status="published" publish_date="" class="" id="" background_color="" background_image="" background_position="center center" background_repeat="no-repeat" fade="no" background_parallax="none" enable_mobile="no" parallax_speed="0.3" video_mp4="" video_webm="" video_ogv="" video_url="" video_aspect_ratio="16:9" video_loop="yes" video_mute="yes" video_preview_image="" border_size="" border_color="" border_style="solid" margin_top="" margin_bottom="" padding_top="" padding_right="" padding_bottom="" padding_left="" admin_label="Introduction" admin_toggled="yes"][fusion_builder_row][fusion_builder_column type="1_2" layout="1_2" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_text columns="" column_min_width="" column_spacing="" rule_style="default" rule_size="" rule_color="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""]

Gitlab fait partie des logiciels d'hébergement git de référence pour garder une maîtrise du versionning des projets en interne.

Nous allons voir dans cet article comment rajouter à votre Gitlab la fonction registre Docker qui permet de stocker vos images docker locales dans vos projets git sur la même plateforme.

[/fusion_text][fusion_text columns="" column_min_width="" column_spacing="" rule_style="default" rule_size="" rule_color="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""]

Prérequis

Une installation de gitlab fonctionnelle, on conseille la version Omnibus permettant d'avoir une installation fonctionnelle rapidement.

Un fonctionnement en https.

Un certificat et un vhost dédié, le registre sera accessible sur une autre url que celle de gitlab.

Dans notre exemple :
https://gitlab.aukfood.org : le gitlab
https://registre.aukfood.org : le registre

[/fusion_text][/fusion_builder_column][fusion_builder_column type="1_2" layout="1_2" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_content_boxes layout="icon-with-title" columns="1" title_size="" heading_size="2" title_color="" body_color="#000000" backgroundcolor="rgba(244,67,54,0)" icon="" iconflip="" iconrotate="" iconspin="no" iconcolor="" icon_circle="" icon_circle_radius="" circlecolor="" circlebordersize="" circlebordercolor="" outercirclebordersize="" outercirclebordercolor="" icon_size="" icon_hover_type="" hover_accent_color="" image="" image_id="" image_max_width="" link_type="" button_span="" link_area="" link_target="" icon_align="left" animation_type="" animation_delay="" animation_offset="" animation_direction="left" animation_speed="0.3" margin_top="" margin_bottom="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""][fusion_content_box title="Mise à jour de l'article" backgroundcolor="rgba(244,67,54,0.77)" icon="" iconflip="" iconrotate="" iconspin="no" iconcolor="" circlecolor="" circlebordersize="" circlebordercolor="" outercirclebordersize="" outercirclebordercolor="" image="" image_id="" image_max_width="" link="" linktext="Read More" link_target="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset=""]

Petite modification de cet article le 14 Août 2019 après des problèmes sur le push d'images avec l'erreur :

unknown blob

Cette erreur était due à un problème entre le proxy Apache et Gitlab lors de la transmission des en-têtes https :

RequestHeader set X-Forwarded-Proto "https"

[/fusion_content_box][/fusion_content_boxes][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container][fusion_builder_container hundred_percent="no" hundred_percent_height="no" hundred_percent_height_scroll="no" hundred_percent_height_center_content="yes" equal_height_columns="no" menu_anchor="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" status="published" publish_date="" class="" id="" background_color="" background_image="" background_position="center center" background_repeat="no-repeat" fade="no" background_parallax="none" enable_mobile="no" parallax_speed="0.3" video_mp4="" video_webm="" video_ogv="" video_url="" video_aspect_ratio="16:9" video_loop="yes" video_mute="yes" video_preview_image="" border_size="" border_color="" border_style="solid" margin_top="" margin_bottom="" padding_top="" padding_right="" padding_bottom="" padding_left="" admin_label="Mise en place" admin_toggled="yes"][fusion_builder_row][fusion_builder_column type="1_1" layout="1_1" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_text columns="" column_min_width="" column_spacing="" rule_style="default" rule_size="" rule_color="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""]

Configuration

Activer le registre dans le fichier /etc/gitlab/gitlab.rb

registry_external_url 'https://registre.aukfood.org'

Faire en sorte que ce soit à l'utilisateur du projet d'activer ou non le registre, cela évite de mettre en place du registre pour tout les projets, attention valable uniquement pour les nouveaux projets :

gitlab_rails['gitlab_default_projects_features_container_registry'] = false

Si besoins, changer le chemin de stockage des images :

gitlab_rails['registry_path'] = "/path/to/registry/storage"

Attention, ce répertoire doit être accessible par l'utilisateur faisant tourner gitlab et par apache.

Reconfigurer et redémarrer gitlab :

Activer le registre sur un projet

Vu qu'il à été défini que par défaut le registre était inactivé à la création des projets, il faudra l'activer pour chaque projet dans Settings / General / Permissions

[/fusion_text][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container][fusion_builder_container hundred_percent="no" hundred_percent_height="no" hundred_percent_height_scroll="no" hundred_percent_height_center_content="yes" equal_height_columns="no" menu_anchor="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" status="published" publish_date="" class="" id="" background_color="" background_image="" background_position="center center" background_repeat="no-repeat" fade="no" background_parallax="none" enable_mobile="no" parallax_speed="0.3" video_mp4="" video_webm="" video_ogv="" video_url="" video_aspect_ratio="16:9" video_loop="yes" video_mute="yes" video_preview_image="" border_size="" border_color="" border_style="solid" margin_top="" margin_bottom="" padding_top="" padding_right="" padding_bottom="" padding_left="" admin_label="Vhost Apache" admin_toggled="yes"][fusion_builder_row][fusion_builder_column type="1_1" layout="1_1" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_text columns="" column_min_width="" column_spacing="" rule_style="default" rule_size="" rule_color="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""]

Vhost Apache

Créer un vhost Apache qui servira de proxy pour accéder à la fonction registre de gitlab par défaut sur le port 5000.

[/fusion_text][fusion_syntax_highlighter theme="" language="x-sh" line_numbers="" line_wrapping="" copy_to_clipboard="" copy_to_clipboard_text="Copy to Clipboard" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" font_size="" border_size="" border_color="" border_style="" background_color="" line_number_background_color="" line_number_text_color="" margin_top="" margin_left="" margin_bottom="" margin_right=""]PFZpcnR1YWxIb3N0ICo6ODA+CiAgU2VydmVyTmFtZSByZWdpc3RyZS5hdWtmb29kLm9yZwogIFJlZGlyZWN0IC8gaHR0cHM6Ly9yZWdpc3RyZS5hdWtmb29kLm9yZy8KPC9WaXJ0dWFsSG9zdD4KPFZpcnR1YWxIb3N0ICo6NDQzPgogIFNlcnZlck5hbWUgcmVnaXN0cmUuYXVrZm9vZC5vcmcKCiAgTG9nTGV2ZWwgd2FybgogIEVycm9yTG9nICJ8L3Vzci9iaW4vcm90YXRlbG9ncyAtbGMgL3Zhci9sb2cvYXBhY2hlMi9lcnJvcl9yZWdpc3RyZWxhYi4lWS4lbS4lZCA4NjQwMCIKICBDdXN0b21Mb2cgInwvdXNyL2Jpbi9yb3RhdGVsb2dzIC1sYyAvdmFyL2xvZy9hcGFjaGUyL2FjY2Vzc19yZWdpc3RyZWxhYi4lWS4lbS4lZCA4NjQwMCIgY29tYmluZWQKCiAgU1NMRW5naW5lIG9uCiAgU1NMQ2VydGlmaWNhdGVGaWxlIC9ldGMvbGV0c2VuY3J5cHQvbGl2ZS9yZWdpc3RyZS5hdWtmb29kLm9yZy9jZXJ0LnBlbQogIFNTTENlcnRpZmljYXRlS2V5RmlsZSAvZXRjL2xldHNlbmNyeXB0L2xpdmUvcmVnaXN0cmUuYXVrZm9vZC5vcmcvcHJpdmtleS5wZW0KICBTU0xDZXJ0aWZpY2F0ZUNoYWluRmlsZSAvZXRjL2xldHNlbmNyeXB0L2xpdmUvcmVnaXN0cmUuYXVrZm9vZC5vcmcvY2hhaW4ucGVtCgogICMgSFNUUyAobW9kX2hlYWRlcnMgaXMgcmVxdWlyZWQpICgxNTc2ODAwMCBzZWNvbmRzID0gNiBtb250aHMpCiAgSGVhZGVyIGFsd2F5cyBzZXQgU3RyaWN0LVRyYW5zcG9ydC1TZWN1cml0eSAibWF4LWFnZT0xNTc2ODAwMCIKCiAgIyBBY3RpdmF0ZSBodHRwLzIKICBQcm90b2NvbHMgaDIgaDJjIGh0dHAvMS4xCgogIEgyUHVzaCAgICAgICAgICBvbiAKICBIMlB1c2hQcmlvcml0eSAgKiAgICAgICAgICAgICAgICAgICAgICAgYWZ0ZXIgCiAgSDJQdXNoUHJpb3JpdHkgIHRleHQvY3NzICAgICAgICAgICAgICAgIGJlZm9yZSAKICBIMlB1c2hQcmlvcml0eSAgaW1hZ2UvanBlZyAgICAgICAgICAgICAgYWZ0ZXIgICAzMiAKICBIMlB1c2hQcmlvcml0eSAgaW1hZ2UvcG5nICAgICAgICAgICAgICAgYWZ0ZXIgICAzMiAKICBIMlB1c2hQcmlvcml0eSAgYXBwbGljYXRpb24vamF2YXNjcmlwdCAgaW50ZXJsZWF2ZWQKIAogIFByb3h5UmVxdWVzdHMgICAgIE9mZgogIFByb3h5UHJlc2VydmVIb3N0IE9uCiAgSGVhZGVyIHNldCBIb3N0ICJyZWdpc3RyZS5hdWtmb29kLm9yZyIKICA8TG9jYXRpb24gLz4KICAgIFJlcXVpcmUgYWxsIGdyYW50ZWQKCiAgICBQcm94eVBhc3MgaHR0cDovLzEyNy4wLjAuMTo1MDAwLyB0aW1lb3V0PTkwMAogICAgUHJveHlQYXNzUmV2ZXJzZSBodHRwOi8vMTI3LjAuMC4xOjUwMDAvCiAgPC9Mb2NhdGlvbj4KCiAgSGVhZGVyIGFsd2F5cyBzZXQgRG9ja2VyLURpc3RyaWJ1dGlvbi1BcGktVmVyc2lvbiAicmVnaXN0cnkvMi4wIgogIFJlcXVlc3RIZWFkZXIgc2V0IFgtRm9yd2FyZGVkLVByb3RvICJodHRwcyIKCiAgIyBuZWVkZWQgZm9yIGRvd25sb2FkaW5nIGF0dGFjaG1lbnRzCiAgRG9jdW1lbnRSb290IC9vcHQvZ2l0bGFiL2VtYmVkZGVkL3NlcnZpY2UvZ2l0bGFiLXJhaWxzL3B1YmxpYwoKPC9WaXJ0dWFsSG9zdD4KIyBpbnRlcm1lZGlhdGUgY29uZmlndXJhdGlvbiwgdHdlYWsgdG8geW91ciBuZWVkcwpTU0xQcm90b2NvbCAgICAgICAgICAgICBhbGwgLVNTTHYzClNTTENpcGhlclN1aXRlICAgICAgICAgIEVDREhFLUVDRFNBLUNIQUNIQTIwLVBPTFkxMzA1OkVDREhFLVJTQS1DSEFDSEEyMC1QT0xZMTMwNTpFQ0RIRS1FQ0RTQS1BRVMxMjgtR0NNLVNIQTI1NjpFQ0RIRS1SU0EtQUVTMTI4LUdDTS1TSEEyNTY6RUNESEUtRUNEU0EtQUVTMjU2LUdDTS1TSEEzODQ6RUNESEUtUlNBLUFFUzI1Ni1HQ00tU0hBMzg0OkRIRS1SU0EtQUVTMTI4LUdDTS1TSEEyNTY6REhFLVJTQS1BRVMyNTYtR0NNLVNIQTM4NDpFQ0RIRS1FQ0RTQS1BRVMxMjgtU0hBMjU2OkVDREhFLVJTQS1BRVMxMjgtU0hBMjU2OkVDREhFLUVDRFNBLUFFUzEyOC1TSEE6RUNESEUtUlNBLUFFUzI1Ni1TSEEzODQ6RUNESEUtUlNBLUFFUzEyOC1TSEE6RUNESEUtRUNEU0EtQUVTMjU2LVNIQTM4NDpFQ0RIRS1FQ0RTQS1BRVMyNTYtU0hBOkVDREhFLVJTQS1BRVMyNTYtU0hBOkRIRS1SU0EtQUVTMTI4LVNIQTI1NjpESEUtUlNBLUFFUzEyOC1TSEE6REhFLVJTQS1BRVMyNTYtU0hBMjU2OkRIRS1SU0EtQUVTMjU2LVNIQTpFQ0RIRS1FQ0RTQS1ERVMtQ0JDMy1TSEE6RUNESEUtUlNBLURFUy1DQkMzLVNIQTpFREgtUlNBLURFUy1DQkMzLVNIQTpBRVMxMjgtR0NNLVNIQTI1NjpBRVMyNTYtR0NNLVNIQTM4NDpBRVMxMjgtU0hBMjU2OkFFUzI1Ni1TSEEyNTY6QUVTMTI4LVNIQTpBRVMyNTYtU0hBOkRFUy1DQkMzLVNIQTohRFNTClNTTEhvbm9yQ2lwaGVyT3JkZXIgICAgIG9uClNTTENvbXByZXNzaW9uICAgICAgICAgIG9mZgoKIyBPQ1NQIFN0YXBsaW5nLCBvbmx5IGluIGh0dHBkIDIuMy4zIGFuZCBsYXRlcgpTU0xVc2VTdGFwbGluZyAgICAgICAgICBvZmYKU1NMU3RhcGxpbmdSZXNwb25kZXJUaW1lb3V0IDUKU1NMU3RhcGxpbmdSZXR1cm5SZXNwb25kZXJFcnJvcnMgb2ZmClNTTFN0YXBsaW5nQ2FjaGUgICAgICAgIHNobWNiOi92YXIvcnVuL29jc3AoMTI4MDAwKQ==[/fusion_syntax_highlighter][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container][fusion_builder_container hundred_percent="no" hundred_percent_height="no" hundred_percent_height_scroll="no" hundred_percent_height_center_content="yes" equal_height_columns="no" menu_anchor="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" status="published" publish_date="" class="" id="" background_color="" background_image="" background_position="center center" background_repeat="no-repeat" fade="no" background_parallax="none" enable_mobile="no" parallax_speed="0.3" video_mp4="" video_webm="" video_ogv="" video_url="" video_aspect_ratio="16:9" video_loop="yes" video_mute="yes" video_preview_image="" border_size="" border_color="" border_style="solid" margin_top="" margin_bottom="" padding_top="" padding_right="" padding_bottom="" padding_left="" admin_label="Utiliser le registre"][fusion_builder_row][fusion_builder_column type="1_1" layout="1_1" spacing="" center_content="no" link="" target="_self" min_height="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_image_id="" background_position="left top" background_repeat="no-repeat" hover_type="none" border_size="0" border_color="" border_style="solid" border_position="all" border_radius="" box_shadow="no" dimension_box_shadow="" box_shadow_blur="0" box_shadow_spread="0" box_shadow_color="" box_shadow_style="" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="" margin_bottom="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset="" last="no"][fusion_text columns="" column_min_width="" column_spacing="" rule_style="default" rule_size="" rule_color="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id=""]

Utiliser le registre

Se connecter au registre

Construire une image pour ce registre

Pousser une image sur le registre

Récupérer l'image

A suivre

Votre Gitlab est maintenant transformé en registre Docker.

[/fusion_text][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]