Public Repository

Last pushed: a year ago
Short Description
This image provides an Ansible container that sets up Portus with LDAP and SSL certificates.
Full Description

Portus Builder

Portus is an authorization server and a user interface for the next generation of the Docker registry.

Portus supports the concept of users and teams. Users have their own personal Docker namespace where they have both read (aka docker pull) and write (aka docker push) access. A team is a group of users that have read and write access to a certain namespace. You can read more about this in the documentation page about it.

To set up the Portus environment, we use an Ansible playbook to automate the build.
Ansible is a radically simple IT automation system. It handles configuration management, application deployment, cloud provisioning, ad-hoc task execution, and multinode orchestration, including trivializing things like zero-downtime rolling updates with load balancers (see more at https://github.com/ansible/ansible). Pull any official repository of Ansible from Docker Hub, such as:

To run Portus Builder, execute the following instructions.

Host requirements

Tested hosts with Debian 8 or Ubuntu 14.04.

Installing Docker on your host

To install Docker quickly, run:

 curl -sSL https://get.docker.com/ | sudo sh

Check the version:

 docker version

Get the Portus-Builder image from Docker Hub

To get the Portus-Builder image, you need to create an account on Docker Hub (https://hub.docker.com/). After that, on your host:

 docker login

<put your dockerhub credentials>

Pull the image:

 docker pull popes/portus-builder

Run the image

 sudo docker run -it popes/portus-builder bash

 [root@commit ansible]#

Configure and Run Portus-Builder

Edit the file myhosts and set the IP address and SSH port of the host that will run Portus. This IP address and SSH port must already be configured on the host (outside the Ansible container). Example:

 [portus]
 100.200.200.100 ansible_user=root ansible_port=22

The playbook needs SSH authentication on the host that will receive Portus (outside the container), so we need to generate a new SSH key pair. The IP is the address that will be used on the Portus host (usually the one on eth0).

Inside the container, run:

 ssh-keygen

Copy the id_rsa.pub key to /root/.ssh/authorized_keys on the host.

Configure vars to set up LDAP and the SSL HTTP certificate

Before executing the Ansible playbook, adjust the variables in /var/vars.yml: set your domain, IPs, certificate files, etc. After that, execute the Ansible playbook.

 domain: "portus-exemple.example.com"
 portus_ip: "100.200.100.200"
 # put certificates in ./file/ssl for HTTPS on the Portus host.
 crt_file: pop-zy.crt
 key_file: pop-zy.key
 gs_root_file: gs_root.pem
 intermediate_file: intermediate.pem
 # authorized subnets to access Portus over IPv4 and IPv6 (optional)
 access_v4: 100.200.100.0/24
 access_v6: 2001:2001:6c0::/64
 # LDAP configuration
 ldap_hostname: ldap1.pop-zy.example.com
 ldap_port: <ldapport>

 # Available options: "plain", "simple_tls" and "starttls". The default is
 # "plain", the recommended is "starttls".
 ldap_method: simple_tls
 ldap_base: "dc=pop-zy,dc=example,dc=com"
 # The LDAP attribute where to search for username. The default is 'uid'.
 ldap_uid: uid
 ldap_bind_dn: "uid=agent,ou=People,dc=pop-zy,dc=example,dc=com"
 ldap_password: "password"
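
A pre-flight check for the vars file above, as an added example that is not part of Portus Builder: it assumes the flat `key: value` layout shown and flags a plain-text LDAP method, the sample password, a /0 access subnet and a vars file readable by other users. The function names `var_get` and `check_vars` are hypothetical.

```shell
#!/bin/sh
# Added example: lint the flat "key: value" vars file before running the playbook.

# Print the value of a top-level key, without quotes or a trailing comment.
var_get() {
    awk -v k="$2" '
        $0 ~ "^[ \t]*" k ":" {
            sub(/^[^:]*:[ \t]*/, "")   # drop "key:" (first colon only)
            sub(/[ \t]+#.*$/, "")      # drop a trailing comment
            sub(/[ \t]+$/, "")         # drop trailing whitespace
            gsub(/^"|"$/, "")          # drop surrounding double quotes
            print; exit
        }' "$1"
}

# Print one line per finding; return 1 if there is any finding, 0 otherwise.
check_vars() {
    f=$1; rc=0
    method=$(var_get "$f" ldap_method)
    # Per the comment in the vars file, an unset ldap_method means "plain".
    case "${method:-plain}" in
        starttls|simple_tls) ;;
        plain) echo "ldap_method: plain carries the bind password and user logins unencrypted"; rc=1 ;;
        *) echo "ldap_method: unknown value '$method'"; rc=1 ;;
    esac
    case "$(var_get "$f" ldap_password)" in
        ""|password) echo "ldap_password: empty or still the sample value"; rc=1 ;;
    esac
    for k in access_v4 access_v6; do
        case "$(var_get "$f" "$k")" in
            */0) echo "$k: a /0 prefix allows every address"; rc=1 ;;
        esac
    done
    # The file holds the LDAP bind password: expect no group/other permission bits.
    [ "$(ls -ld "$f" | cut -c5-10)" = "------" ] ||
        { echo "$f: accessible beyond its owner, chmod 600 it"; rc=1; }
    return $rc
}

# Usage: sh check_vars.sh /var/vars.yml
if [ "$#" -gt 0 ]; then check_vars "$1"; fi
```
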

After adjusting the vars file, run the playbook:

 ansible-playbook tasks/main.yml

For the SSL certificates, copy crt_file and key_file to ./files/ssl. If you generate your own self-signed certificate, do so and move the files to this folder (ref.: http://www.akadia.com/services/ssh_test_certificate.html).

If the user in myhosts needs sudo, run:

 ansible-playbook tasks/main.yml --ask-sudo-pass

To check that everything went right, access:

https://yourdomain:3000

If you can access it and authenticate correctly, you can delete this Ansible container on the host:

 docker rm -f $(docker ps -aq --filter ancestor=popes/portus-builder)

Otherwise, post your comment below.

Owner
popes