Commit dfc0bbfd authored by Achilleas Pipinellis's avatar Achilleas Pipinellis

Document how to change the Registry's internal port

Closes https://gitlab.com/gitlab-org/omnibus-gitlab/issues/1433
parent 5fbad4e3
# GitLab Container Registry Administration # GitLab Container Registry administration
> [Introduced][ce-4040] in GitLab 8.8. > [Introduced][ce-4040] in GitLab 8.8.
--- ---
> **Note** > **Notes:**
Docker Registry manifest `v1` support was added in GitLab 8.9 to support Docker - Container Registry manifest `v1` support was added in GitLab 8.9 to support
versions earlier than 1.10. Docker versions earlier than 1.10.
> - This document is about the admin guide. To learn how to use GitLab Container
This document is about the admin guide. To learn how to use GitLab Container Registry [user documentation](../user/project/container_registry.md).
Registry [user documentation](../user/project/container_registry.md).
With the Docker Container Registry integrated into GitLab, every project can With the Container Registry integrated into GitLab, every project can have its
have its own space to store its Docker images. own space to store its Docker images.
You can read more about Docker Registry at https://docs.docker.com/registry/introduction/. You can read more about the Container Registry at
https://docs.docker.com/registry/introduction/.
## Enable the Container Registry ## Enable the Container Registry
**Omnibus GitLab installations** **Omnibus GitLab installations**
All you have to do is configure the domain name under which the Container All you have to do is configure the domain name under which the Container
Registry will listen to. Read [#container-registry-domain-configuration](#container-registry-domain-configuration) Registry will listen to. Read
[#container-registry-domain-configuration](#container-registry-domain-configuration)
and pick one of the two options that fits your case. and pick one of the two options that fits your case.
>**Note:** >**Note:**
The container Registry works under HTTPS by default. Using HTTP is possible The container registry works under HTTPS by default. Using HTTP is possible
but not recommended and out of the scope of this document. but not recommended and out of the scope of this document.
Read the [insecure Registry documentation][docker-insecure] if you want to Read the [insecure Registry documentation][docker-insecure] if you want to
implement this. implement this.
...@@ -36,7 +37,7 @@ implement this. ...@@ -36,7 +37,7 @@ implement this.
If you have installed GitLab from source: If you have installed GitLab from source:
1. You will have to [install Docker Registry][registry-deploy] by yourself. 1. You will have to [install Registry][registry-deploy] by yourself.
1. After the installation is complete, you will have to configure the Registry's 1. After the installation is complete, you will have to configure the Registry's
settings in `gitlab.yml` in order to enable it. settings in `gitlab.yml` in order to enable it.
1. Use the sample NGINX configuration file that is found under 1. Use the sample NGINX configuration file that is found under
...@@ -69,11 +70,13 @@ where: ...@@ -69,11 +70,13 @@ where:
| `issuer` | This should be the same value as configured in Registry's `issuer`. Read the [token auth configuration documentation][token-config]. | | `issuer` | This should be the same value as configured in Registry's `issuer`. Read the [token auth configuration documentation][token-config]. |
>**Note:** >**Note:**
GitLab does not ship with a Registry init file. Hence, [restarting GitLab][restart gitlab] A Registry init file is not shipped with GitLab if you install it from source.
will not restart the Registry should you modify its settings. Read the upstream Hence, [restarting GitLab][restart gitlab] will not restart the Registry should
documentation on how to achieve that. you modify its settings. Read the upstream documentation on how to achieve that.
The Docker Registry configuration will need `container_registry` as the service and `https://gitlab.example.com/jwt/auth` as the realm: At the absolute minimum, make sure your [Registry configuration][registry-auth]
has `container_registry` as the service and `https://gitlab.example.com/jwt/auth`
as the realm:
``` ```
auth: auth:
...@@ -264,12 +267,6 @@ Registry application itself. ...@@ -264,12 +267,6 @@ Registry application itself.
1. Save the file and [restart GitLab][] for the changes to take effect. 1. Save the file and [restart GitLab][] for the changes to take effect.
## Disable Container Registry per project
If Registry is enabled in your GitLab instance, but you don't need it for your
project, you can disable it from your project's settings. Read the user guide
on how to achieve that.
## Disable Container Registry for new projects site-wide ## Disable Container Registry for new projects site-wide
If the Container Registry is enabled, then it will be available on all new If the Container Registry is enabled, then it will be available on all new
...@@ -425,6 +422,46 @@ storage: ...@@ -425,6 +422,46 @@ storage:
enabled: true enabled: true
``` ```
## Change the registry's internal port
> **Note:**
This is not to be confused with the port that GitLab itself uses to expose
the Registry to the world.
The Registry server listens on localhost at port `5000` by default,
which is the address for which the Registry server should accept connections.
In the examples below we set the Registry's port to `5001`.
**Omnibus GitLab**
1. Open `/etc/gitlab/gitlab.rb` and set `registry['registry_http_addr']`:
```ruby
registry['registry_http_addr'] = "localhost:5001"
```
1. Save the file and [reconfigure GitLab][] for the changes to take effect.
---
**Installations from source**
1. Open the configuration file of your Registry server and edit the
[`http:addr`][registry-http-config] value:
```
http
addr: localhost:5001
```
1. Save the file and restart the Registry server.
## Disable Container Registry per project
If Registry is enabled in your GitLab instance, but you don't need it for your
project, you can disable it from your project's settings. Read the user guide
on how to achieve that.
## Storage limitations ## Storage limitations
Currently, there is no storage limitation, which means a user can upload an Currently, there is no storage limitation, which means a user can upload an
...@@ -444,6 +481,8 @@ configurable in future releases. ...@@ -444,6 +481,8 @@ configurable in future releases.
[docker-insecure]: https://docs.docker.com/registry/insecure/ [docker-insecure]: https://docs.docker.com/registry/insecure/
[registry-deploy]: https://docs.docker.com/registry/deploying/ [registry-deploy]: https://docs.docker.com/registry/deploying/
[storage-config]: https://docs.docker.com/registry/configuration/#storage [storage-config]: https://docs.docker.com/registry/configuration/#storage
[registry-http-config]: https://docs.docker.com/registry/configuration/#http
[registry-auth]: https://docs.docker.com/registry/configuration/#auth
[token-config]: https://docs.docker.com/registry/configuration/#token [token-config]: https://docs.docker.com/registry/configuration/#token
[8-8-docs]: https://gitlab.com/gitlab-org/gitlab-ce/blob/8-8-stable/doc/administration/container_registry.md [8-8-docs]: https://gitlab.com/gitlab-org/gitlab-ce/blob/8-8-stable/doc/administration/container_registry.md
[registry-ssl]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/lib/support/nginx/registry-ssl [registry-ssl]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/lib/support/nginx/registry-ssl
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment