GitLab Container Registry

In May of this year, the release of GuitLab 8.8 was released. Part of this release was the launch of the integrated Docker Container Registry. Below is a translation of a May article devoted to this.

We recently released GitLab version 8.8 , in which CI support has become even better. Now in GitLab, you can build pipelines for visualizing builds, tests, deployments, and any other steps in the life cycle of your software. Today we present you the next step: GitLab Container Registry.

GitLab Container Registry is a secure, private registry for Docker images (images) developed using open source software . GitLab Container Registry is fully integrated into GitLab.

Key features of GitLab are the continuity of the development process and the mutual integration of various elements; these principles are also maintained when working with our registry. Now with the help of the GitLab Container Registry you can use your Docker images for GitLab CI, create special images for individual tags and branches, and much more.

It is worth noting that the GitLab Container Registry is the first Docker registry fully integrated into the Git repository management system. In addition, the GitLab Container Registry does not require a separate installation, as it is part of GitLab 8.8; With it, you can easily download and upload images to GitLab CI. And it's free.

To learn how to enable the use of the GitLab Container Registry, refer to the administrator's documentation .

Docker Basics

The basic unit of work with Docker is an image that contains everything you need to start and run an application. Often, images are created automatically as part of a continuous integration process — that is, they are updated every time the code changes. In cases where images are created for sharing, they need to be stored somewhere. Just for this and apply the registry of images.

The registry allows you to store images for further reuse and categorize them using tags. It is a good idea to create a registry to store private images that are used only within the company, or, for example, images for running and running tests. When using the GitLab Container Registry, you do not need to configure and maintain additional services or use public registries.

Tight integration with GitLab

GitLab Container Registry is fully integrated into GitLab, which allows developers to easily create, test, and run Docker images using GitLab CI or other Docker compatible tools.

• For authentication and access restriction, users and groups from your GitLab instance are used.
• There is no need to create additional repositories for working with the registry - the registry is part of your project in GitLab.
• A new tab Container Registry appears in the project, which lists all the images related to this project.
• Each project can have its own registry of images (optionally, it can be disabled for any single project).
• You can easily download and upload images on GitLab CI.
• No need to download and install additional software.

Simplify your workflow

Working with the GitLab Container Registry is simple and secure. Here are some examples of how using the GitLab Container Registry can simplify the process of developing and deploying software:

• Build Docker images using GitLab CI and then storing them in the GitLab Container Registry.
• Snap images to branches, source code tags, or use any other method appropriate for your development process. Created images can be quickly and easily saved to GitLab.
• Use your own build images stored in your registry to test applications.
• Let the rest of the team members also participate in the design of images. This will not require additional efforts from them, since the same workflow to which they are used is used. GitLab CI allows you to automatically build images that are inherited from yours, which in turn makes it easy to add fixes and new features to the base image used by your team.
• Configure CaaS to use images directly from the GitLab Container Registry, thus obtaining a continuous code deployment process. This will allow you to automatically deploy applications to the cloud (Docker Cloud, Docker Swarm, Kubernetes, etc.) each time you build or test an image.

Where to begin?

First of all, ask your system administrator to connect the GitLab Container Registry as described in the administrator documentation .

After that, you can enable the Container Registry option in your project.

In order to start using the registry, you first need to log in:

docker login registry.example.com 

After that, you can simply collect and push images on GitLab:

 docker build -t registry.example.com/group/project . docker push registry.example.com/group/project 

GitLab also provides a simple interface for managing containers. Click on the Container Registry in your project - in the opened window you will see all the tags in your repository and you can easily remove any of them.

For more information, see the GitLab Container Registry user guide .

Use with GitLab CI

The built-in interface for managing GitLab's CI can be used to assemble, push, and deploy created images.

Warning: this requires GitLab Runner 1.2.

Warning: In order to use Docker in Docker images, you need to set the privileged flag in the Runner configuration. So far, this cannot be done in shared runners on GitLab.com. We plan to add this flag in the near future, but for now you should use your own Runners.

Here is an example of a GitLab CI configuration file ( .gitlab-ci.yml ) that .gitlab-ci.yml image, runs tests and, if passed successfully, assigns a build tag and loads the build into the image registry:

 build_image: image: docker:git services: - docker:dind script: - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN registry.example.com - docker build -t registry.example.com/my-group/my-project . - docker run registry.example.com/my-group/my-project /script/to/run/tests - docker push registry.example.com/my-group/my-project:latest only: - master 

An example of a more complex image that divides tasks into 4 stages, within which two tests are performed in parallel. The build is stored in the registry of images and is used in subsequent stages, automatically downloading the image if necessary. Changes to the master branch are assigned the latest tag, after which these changes are deployed using an application-specific script:

 image: docker:git services: - docker:dind stages: - build - test - release - deploy variables: CONTAINER_TEST_IMAGE: registry.example.com/my-group/my-project:$CI_BUILD_REF_NAME CONTAINER_RELEASE_IMAGE: registry.example.com/my-group/my-project:latest before_script: - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN registry.example.com build: stage: build script: - docker build -t $CONTAINER_TEST_IMAGE . - docker push $CONTAINER_TEST_IMAGE test1: stage: test script: - docker run $CONTAINER_TEST_IMAGE /script/to/run/tests test2: stage: test script: - docker run $CONTAINER_TEST_IMAGE /script/to/run/another/test release-image: stage: release script: - docker pull $CONTAINER_TEST_IMAGE - docker tag $CONTAINER_TEST_IMAGE $CONTAINER_RELEASE_IMAGE - docker push $CONTAINER_RELEASE_IMAGE only: - master deploy: stage: deploy script: - ./deploy.sh only: - master 

Summing up

GitLab Container Registry is the latest addition to the integrated toolkit for the GitLab software development cycle. This add-on is available from version GitLab 8.8 . Using this functionality, testing and deploying Docker images has become much easier. The GitLab Container Registry comes bundled with GitLab CE and GitLab EE at no extra charge and is installed on top of the same infrastructure that you have configured for GitLab.

The Container Registry is available at GitLab.com, it is absolutely free, and you can start using it right now!

Important : In order to use Docker in Docker images you need to set the privileged flag in the Runner settings. So far, this cannot be done in general Runners on GitLab.com. We are planning to add this flag in the near future. Everything is already ok.

PS It would be great if you share your experience in the comments.

Translation from English is made by translational artel "Nadmozg and partners", http://nadmosq.ru . Over translation worked sgnl_05 .