Category Archives: Telemarq

Tips for using a private Docker registry

This is a geeky post for those Googling for relevant phrases. Sometimes a Docker Registry is referred to as a ‘Docker repository’; technically, they’re different things, but the terms are often used interchangeably.

It can be useful to have a private Docker repository for sharing images within your organisation, and from which to deploy the definitive versions of your containers to production.

At Telemarq, we do this by running:

  • a standard registry:2 container on one of our DigitalOcean servers
  • an nginx container in front of it, with basic HTTP auth enabled
  • a letsencrypt system to provide HTTPS certificates for nginx, so the communications are secure.

The registry container can, itself, handle both authentication and the certificates, but it’s easier for us to deploy it this way as part of our standard infrastructure. It all works very nicely, and we’re just starting to incorporate it into some of our more serious workflows.

So how do you make sure that the right images end up in your repository?

One practice we adopt for any deployment system, with or without Docker, is to require that things pushed to the servers should come directly from the git repository, so that they aren’t influenced by what just happens to be in the directory on some arbitrary machine at some time. Typically we might have a script that creates a temporary directory, checks out a known version of the code, builds and deploys it to the server, and then tidies up after itself. (If you use a continuous delivery system, this may happen automatically on a regular basis.)

In the Docker world, you can take advantage of the fact that the docker command itself understands git repositories. So you can build a container from the current master branch of your github project using something like:

docker build -t myproject git@github.com:quentinsf/myproject.git

and docker will do the necessary bits behind the scenes, assuming there’s a Dockerfile in the source. (More details here).

So, suppose you want to build version 1.6 of ‘myapp’ and upload it, appropriately tagged, to your Docker registry, you can do so with a couple of simple commands:

docker build -t dockerregistry.example.com/myapp:1.6 \
             gitrepository.example.com/myapp.git#1.6
docker push dockerregistry.example.com/myapp:1.6

I can run this on my Mac, a Windows machine, or any Linux box, and get a consistent result. Very nice. You could also tag it with the SHA1 fingerprint of the git commit, if wanted.

Listing the containers on your Docker registry

At present, there isn’t a convenient command-line interface for examining what’s actually stored on your registry. If I’m wondering whether one of my colleagues has already created and uploaded a container for one of our services, how would I know? There is, however, an HTTP API which will return the information as JSON, and you can then use the excellent jq utility to extract the bits you need:

curl -s -u user:password https://dockerregistry.example.com/v2/_catalog | jq .repositories[]

If you want to see the version tags available for mycontainer, you can use:

curl -s -u user:password https://dockerregistry.example.com/v2/mycontainer/tags/list | jq .tags[]

And you can of course wrap these in scripts or shell aliases if you use them often.

Hope that’s useful for someone!

Using Little Computers to control Big Computers

Here’s my latest Raspberry Pi-based experiment: the CloudSwitch.

I don’t discuss the software in the video, but the fun thing is that the Pi isn’t dependent on some intermediate server – it’s using the boto module for Python to manage the AWS resources directly.

I decided to build the app slightly differently from the way I would normally approach a little project like this. I knew that, even for this very simple system, I would have several inputs and outputs of various kinds, some of them with big delays, and I wanted to make sure that timing hiccups or race conditions didn’t ever leave the lights displaying something that didn’t represent reality.

So this is only a single python file, but it runs several threads – one that looks for button presses, one that monitors and controls the Amazon server, and one that handles the lights – including flashing them in various patterns. They interact with the main thread using ZeroMQ messages, which is a lovely way to do inter-thread communications without all that nasty messing about with semaphores and mutexes.

Update: Here’s the very simple circuit diagram. The illuminated buttons I used have LEDs which take a little more power than the Raspberry Pi can really drive, so I put a couple of NPN transistors in there. It really doesn’t matter too much what they are – I used the 2N3904.

What is the status of Q?

Anyone who’s starting to tire of my holiday snaps will be pleased to know that I’m back in the UK, and, while I may yet post the odd picture over the next few days, they should decline to a respectable level before long! On Monday, I need to get back to work.

Various friends have been asking just what ‘back to work’ entails for me at present, since my situation has been decidedly vague for a while. So here’s a quick personal update for those interested…

After leaving Camvine in the autumn, I had a bit of a break, and then started a new company, Telemarq Ltd. (Hans Rosling once told me that he had worked out my model: whenever I run out of money, I start a new company! That’s not the intention, but it does sometimes look like that…)

Telemarq was initially formed as a vehicle for the exploration of a new invention. I think I have a good and viable idea, but I don’t have the resources to get it very far on my own (and I haven’t yet filed the patent, which is why I’m not broadcasting the details!)

Anyway, as I was debating whether to go out looking for investors for another startup, I was approached by several different companies who wanted some consultancy work, and I thought they would all would be rather interesting/enjoyable clients. Besides which, my bank account had dwindled to a level where it needed some topping-up!

So, for the moment, Telemarq is a consultancy business through which Rose and I do our work (which means it already has a rather broad remit, since our fields are very different). I’m delighted that Richard Morrison is going to be working part-time under the Telemarq banner too, since he’s one of the nicest and smartest chaps I’ve run into in a long time.

A big part of Telemarq will be software development, but there’s some teaching, some publishing, some intellectual property stuff in the mix already, and we’re only just starting.

May need some more people soon, or some more days in the week…!

To the extent I’ve formulated a coherent plan, it’s this:

To do really good work, on interesting projects, for, and with, people we like.

Not exactly a conventional business mission statement, but I’ve seen a lot worse. It’ll do as a placeholder!

© Copyright Quentin Stafford-Fraser