Edgegap's private container registry
note
This feature is not available on the free tier.
Now that you know how to use our platform, you need to containerize your game server. You will need a place to store your container images to be accessible when deploying your game servers.
That is why we created the Edgegap Container Registry. It is a privately managed container repository that works much like standard public container registries, but with the added benefit of increased security, vulnerability scans and other goodies! With high availability and dashboard integration, you will spend less time learning new tools, and your servers will always be ready to go.
#
HarborHarbor is an open-source registry project trusted by the Cloud Native Computing Foundation (CNCF). Its main objectives are to store your container images, scan for vulnerabilities and secure your artifacts with role-based policies. The Edgegap Container Registry is based upon Harbor. Once your image has been pushed to Harbor, a scanner (Trivy by Aqua) will automatically search for vulnerabilities in your newly pushed image.
#
Getting your credentialsTo push images, you will first need to authenticate to our registry, and for that, you need credentials.
Find the Container Registry
tab in the Service
section to request your credentials in the sidebar.
From there, you can request access to our registry. A staff member will shortly grant you access, and you will be able to access the details of your registry.
In the box in the middle of the screen, you will find everything you need to connect to the registry and push your container images.
We create separate sets of credentials to push and pull images to improve security.
Field | Description |
---|---|
URL | The URL of our container registry. You will need to use it when logging in and pushing images. |
Project | The name of your assigned project. You must include it in your image repository path. |
Username | The username to use when logging in to the registry. |
Token | The password to use when logging in to the registry. |
You can now login to the repository using your tool of choice:
- Docker
#
Docker login WarningYou can configure the credentials store by following this setup. Remember that this warning is normal behaviour from Docker.
It's important that you understand that your robot username,
and the token for your private repository are encoded in base64 in your machine at this path $HOME/.docker/config.json
.
Anybody who has access to this file can easily decrypt your robot
account token with a base64 decoder. Ensure that the environment docker login harbor.edgegap.net
you use is safe and that the
access permissions to this file are restricted.
To remove your credentials from this file, you can easily use
docker logout harbor.edgegap.net
each time you push
and pull your private images.
#
Pushing an image to the registryIf you need help containerizing your project, see our documentation on this topic to get you started.
Since you are logged in to the registry, all you need to do is push your image to the URL and project found on the page:
- Docker
You may push as many images as your storage permits and separate them in different repositories as you see fit. However, you should read the "App templates" section before pushing too many images!
You will then find your repositories on the same page upon refreshing.
#
Managing your imagesYou may see your repositories by going to the same page after you have pushed at least one image.
By clicking on one of those repositories, you can see the images it contains, grouped by artifact. If you tagged the same image with two different tags and pushed those to the registry, you will see them as the same artifact.
The images tagged 1.0.1
and 1.0.2
in the picture above have the same artifact. The image tagged 1.0.3
, however, has a different artifact.
caution
If you delete an artifact, you will also delete its associated tags.
The confirmation dialogue will list all the tags that this action would delete to ensure you do not accidentally delete needed resources.
#
App templates and automatic app version creationApp templates act as application blueprints within the platform and allow the automatic creation of applications when you push new images to our repository.
When you have pushed your first image and can view a repository's details, you can create an app template for this repository with the button in the page header.
For the image you pushed in that repository, you can fill this form just as you would the application form.
You will notice the container information fields are missing. We will get to that in a moment.
Once the app template is ready, a corresponding application version will be created on the platform whenever you push a new tag in the repository. Using the "App version" button in the image tag's row, you can access it.
You will see a "Link" button in the rows of the images you have previously pushed to your repository. This is because these images were pushed before the app template was created. Clicking the "Link" button will create a new app version for the selected tag.
You can edit the app template by clicking on the "Edit" button.
#
Requesting more storageWhen your request for access to the registry has been approved, you will be given a certain amount of storage space in the registry.
You may request additional space by clicking on the "Request more storage" button next to the space usage indicator.
When a staff member has approved your request, you will have more space to push your images.
#
Next stepsLearn how to containerize your application with our guide: Getting started with Docker.