Difference between revisions of "Sregistry Install"
Jump to navigation
Jump to search
| Line 54: | Line 54: | ||
May 20 16:00:02 sregistry.novalocal dockerd[8723]: time="2020-05-20T16:00:02.... | May 20 16:00:02 sregistry.novalocal dockerd[8723]: time="2020-05-20T16:00:02.... | ||
Hint: Some lines were ellipsized, use -l to show in full. | Hint: Some lines were ellipsized, use -l to show in full. | ||
| + | |||
| + | [root@sregistry ~]# docker run hello-world | ||
| + | |||
| + | Hello from Docker! | ||
| + | This message shows that your installation appears to be working correctly. | ||
| + | |||
| + | To generate this message, Docker took the following steps: | ||
| + | 1. The Docker client contacted the Docker daemon. | ||
| + | 2. The Docker daemon pulled the "hello-world" image from the Docker Hub. | ||
| + | (amd64) | ||
| + | 3. The Docker daemon created a new container from that image which runs the | ||
| + | executable that produces the output you are currently reading. | ||
| + | 4. The Docker daemon streamed that output to the Docker client, which sent it | ||
| + | to your terminal. | ||
| + | |||
| + | To try something more ambitious, you can run an Ubuntu container with: | ||
| + | $ docker run -it ubuntu bash | ||
| + | |||
| + | Share images, automate workflows, and more with a free Docker ID: | ||
| + | https://hub.docker.com/ | ||
| + | |||
| + | For more examples and ideas, visit: | ||
| + | https://docs.docker.com/get-started/ | ||
| + | |||
| + | |||
| + | |||
</pre> | </pre> | ||
=== Download Sregistry === | === Download Sregistry === | ||
<pre> | <pre> | ||
[centos@sregistry ~]$ git clone https://github.com/singularityhub/sregistry | [centos@sregistry ~]$ git clone https://github.com/singularityhub/sregistry | ||
| − | [centos@sregistry ~]$ | + | [centos@sregistry ~]$ cd |
| − | [ | + | [root@sregistry sregistry]# ls |
| + | AUTHORS.md get-pip.py nginx.conf shub.wsgi | ||
| + | backup https paper Singularity | ||
| + | CHANGELOG.md images README.md static | ||
| + | contributors.svg LICENSE requirements.txt uwsgi.ini | ||
| + | docker-compose.yml Makefile run_uwsgi.sh uwsgi_params.par | ||
| + | Dockerfile manage.py scripts VERSION | ||
| + | docs nginx shub | ||
| + | </pre> | ||
| + | |||
| + | == Configration for sregistry setting == | ||
| + | |||
| + | There are some setting in the shub and ngnix which we can change to effect the installation. We will change them in these files before we start the application. There are actually only two files you need to change into, generating a settings/secrets.py from the template settings/dummy_secrets.py for application secrets, and settings/config.py to configure your database and registry information. | ||
| + | |||
| + | === Secrets === | ||
| + | |||
| + | Create a secrets.py file in the shub/setting/ from the template | ||
| + | |||
| + | <pre> | ||
| + | cp shub/settings/dummy_secrets.py shub/settings/secrets.py | ||
| + | </pre> | ||
| + | |||
| + | Inside secrets file you want to add a SECRET_KEY. | ||
| + | |||
| + | You can use the secret key generator to make a new secret key, and call it SECRET_KEY in your secrets.py file, like this: | ||
| + | <pre> | ||
| + | SECRET_KEY="5h1tc_x#3r@5ws7ce-@ci(6b1d-a54xw)!#gkc3ieekswg_@w5" | ||
| + | </pre> | ||
| + | |||
| + | === Select Authentication type === | ||
| + | |||
| + | Singularity Registry uses OAuth2 with a token–> refresh flow because it gives the user power to revoke permission at any point, and is a more modern strategy than storing a database of usernames and passwords. | ||
| + | A lot of third party Auth option are supports and more can be added. | ||
| + | |||
| + | The preferred auth option is selected in | ||
| + | |||
| + | [root@sregistry sregistry]# vi shub/settings/config.py | ||
| + | |||
| + | # Which social auths do you want to use? | ||
| + | ENABLE_GOOGLE_AUTH=False | ||
| + | ENABLE_TWITTER_AUTH=False | ||
| + | ENABLE_GITHUB_AUTH=True | ||
| + | ENABLE_GITLAB_AUTH=False | ||
| + | ENABLE_BITBUCKET_AUTH=False | ||
| + | |||
| + | we have selected Github auth option for the testing. | ||
| + | |||
| + | ==== Create a github account and register application ==== | ||
| + | <todo> | ||
| + | ==== Paste the secrets in the secrates file ==== | ||
| + | <todo> | ||
| + | |||
| + | |||
| + | == Further edit config == | ||
| + | |||
| + | We have to provide the DOMAIN_NAME and DOMAIN_NAME_HTTP as Public IP or the IP of the server. | ||
| + | We can assign private only repostories as well but assgining | ||
| + | |||
| + | <pre> | ||
| + | |||
| + | [root@sregistry sregistry]# vi shub/settings/config.py | ||
| + | |||
| + | DOMAIN_NAME = "http://185.93.31.53" | ||
| + | DOMAIN_NAME_HTTP = "http://185.93.31.53" | ||
| + | DOMAIN_NAKED = DOMAIN_NAME_HTTP.replace("http://", "") | ||
| + | |||
| + | ADMINS = (("vsochat", "vsochat@gmail.com"),) | ||
| + | MANAGERS = ADMINS | ||
| + | |||
| + | HELP_CONTACT_EMAIL = "shanal.tiwari@boston.co.uk" | ||
| + | HELP_INSTITUTION_SITE = "Boston Labs" | ||
| + | REGISTRY_NAME = "Boston Labs" | ||
| + | REGISTRY_URI = "boston" | ||
| + | GOOGLE_ANALYTICS = None # "UA-XXXXXXXXX" | ||
| + | |||
| + | USER_COLLECTIONS = True | ||
| + | |||
| + | # Limit users to N collections (None is unlimited) | ||
| + | USER_COLLECTION_LIMIT = 2 | ||
| + | |||
| + | # Should registries by default be private, with no option for public? | ||
| + | PRIVATE_ONLY = False | ||
| + | |||
| + | # Should the default for a new registry be private or public? | ||
| + | DEFAULT_PRIVATE = False | ||
| + | </pre> | ||
| + | |||
| + | We can leave rest as defaults. | ||
</pre> | </pre> | ||
Revision as of 16:42, 21 May 2020
VM machine Setup
Create a Virtual machine with 4core / 8 GB and 40GB
Host Installation
Starting form scratch we would need to install docker and docker compose.
MacBook-Air-2:~ office$ ssh -i shanaldemo.pem centos@185.93.31.53 [centos@sregistry ~]$ sudo su - [root@sregistry ~]$ yum update ; reboot [root@sregistry ~]$ yum groupinstall "Development Tools" [root@sregistry ~]$ yum install wget [root@sregistry ~]$ yum install git nginx [root@sregistry ~] yum install epel-release
Install Python and PIP
[root@sregistry ~]$ wget https://bootstrap.pypa.io/get-pip.py [root@sregistry ~]$ sudo /usr/bin/python get-pip.py [root@sregistry ~]$ sudo pip install ipaddress [root@sregistry ~]$ sudo pip install oauth2client
Add Docker and Docker-compose
[root@sregistry ~]$ yum install -y yum-utils
[root@sregistry ~]$ yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
[root@sregistry ~]$ yum install docker-ce docker-ce-cli containerd.io
[root@sregistry ~]$ usermod -aG docker docker
[root@sregistry ~]$ yum install docker-compose
[root@sregistry ~]$ service docker start
[root@sregistry ~]# service docker status
Redirecting to /bin/systemctl status docker.service
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: active (running) since Wed 2020-05-20 12:43:08 UTC; 1 day 3h ago
Docs: https://docs.docker.com
Main PID: 8723 (dockerd)
Tasks: 29
Memory: 162.3M
CGroup: /system.slice/docker.service
├─ 8723 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/con...
└─13050 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-po...
May 20 14:57:15 sregistry.novalocal dockerd[8723]: time="2020-05-20T14:57:15....
May 20 14:57:15 sregistry.novalocal dockerd[8723]: time="2020-05-20T14:57:15....
May 20 14:57:36 sregistry.novalocal dockerd[8723]: time="2020-05-20T14:57:36....
May 20 14:57:36 sregistry.novalocal dockerd[8723]: time="2020-05-20T14:57:36....
May 20 14:57:36 sregistry.novalocal dockerd[8723]: time="2020-05-20T14:57:36....
May 20 14:57:47 sregistry.novalocal dockerd[8723]: time="2020-05-20T14:57:47....
May 20 14:57:47 sregistry.novalocal dockerd[8723]: time="2020-05-20T14:57:47....
May 20 14:57:47 sregistry.novalocal dockerd[8723]: time="2020-05-20T14:57:47....
May 20 14:57:48 sregistry.novalocal dockerd[8723]: time="2020-05-20T14:57:48....
May 20 16:00:02 sregistry.novalocal dockerd[8723]: time="2020-05-20T16:00:02....
Hint: Some lines were ellipsized, use -l to show in full.
[root@sregistry ~]# docker run hello-world
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
Download Sregistry
[centos@sregistry ~]$ git clone https://github.com/singularityhub/sregistry [centos@sregistry ~]$ cd [root@sregistry sregistry]# ls AUTHORS.md get-pip.py nginx.conf shub.wsgi backup https paper Singularity CHANGELOG.md images README.md static contributors.svg LICENSE requirements.txt uwsgi.ini docker-compose.yml Makefile run_uwsgi.sh uwsgi_params.par Dockerfile manage.py scripts VERSION docs nginx shub
Configration for sregistry setting
There are some setting in the shub and ngnix which we can change to effect the installation. We will change them in these files before we start the application. There are actually only two files you need to change into, generating a settings/secrets.py from the template settings/dummy_secrets.py for application secrets, and settings/config.py to configure your database and registry information.
Secrets
Create a secrets.py file in the shub/setting/ from the template
cp shub/settings/dummy_secrets.py shub/settings/secrets.py
Inside secrets file you want to add a SECRET_KEY.
You can use the secret key generator to make a new secret key, and call it SECRET_KEY in your secrets.py file, like this:
SECRET_KEY="5h1tc_x#3r@5ws7ce-@ci(6b1d-a54xw)!#gkc3ieekswg_@w5"
Select Authentication type
Singularity Registry uses OAuth2 with a token–> refresh flow because it gives the user power to revoke permission at any point, and is a more modern strategy than storing a database of usernames and passwords. A lot of third party Auth option are supports and more can be added.
The preferred auth option is selected in
[root@sregistry sregistry]# vi shub/settings/config.py
- Which social auths do you want to use?
ENABLE_GOOGLE_AUTH=False ENABLE_TWITTER_AUTH=False ENABLE_GITHUB_AUTH=True ENABLE_GITLAB_AUTH=False ENABLE_BITBUCKET_AUTH=False
we have selected Github auth option for the testing.
Create a github account and register application
<todo>
Paste the secrets in the secrates file
<todo>
Further edit config
We have to provide the DOMAIN_NAME and DOMAIN_NAME_HTTP as Public IP or the IP of the server. We can assign private only repostories as well but assgining
[root@sregistry sregistry]# vi shub/settings/config.py
DOMAIN_NAME = "http://185.93.31.53"
DOMAIN_NAME_HTTP = "http://185.93.31.53"
DOMAIN_NAKED = DOMAIN_NAME_HTTP.replace("http://", "")
ADMINS = (("vsochat", "vsochat@gmail.com"),)
MANAGERS = ADMINS
HELP_CONTACT_EMAIL = "shanal.tiwari@boston.co.uk"
HELP_INSTITUTION_SITE = "Boston Labs"
REGISTRY_NAME = "Boston Labs"
REGISTRY_URI = "boston"
GOOGLE_ANALYTICS = None # "UA-XXXXXXXXX"
USER_COLLECTIONS = True
# Limit users to N collections (None is unlimited)
USER_COLLECTION_LIMIT = 2
# Should registries by default be private, with no option for public?
PRIVATE_ONLY = False
# Should the default for a new registry be private or public?
DEFAULT_PRIVATE = False
We can leave rest as defaults.