Skip to main content

Edgegap's private container registry

note

This feature is not available on the free tier.

Now that you know how to use our platform, you need to containerize your game server. You will need a place to store your container images to be accessible when deploying your game servers.

That is why we created the Edgegap Container Registry. It is a privately managed container repository that works much like standard public container registries, but with the added benefit of increased security, vulnerability scans and other goodies! With high availability and dashboard integration, you will spend less time learning new tools, and your servers will always be ready to go.

Harbor#

Harbor is an open-source registry project trusted by the Cloud Native Computing Foundation (CNCF). Its main objectives are to store your container images, scan for vulnerabilities and secure your artifacts with role-based policies. The Edgegap Container Registry is based upon Harbor. Once your image has been pushed to Harbor, a scanner (Trivy by Aqua) will automatically search for vulnerabilities in your newly pushed image.

Getting your credentials#

To push images, you will first need to authenticate to our registry, and for that, you need credentials. Find the Container Registry tab in the Service section to request your credentials in the sidebar. From there, you can request access to our registry. A staff member will shortly grant you access, and you will be able to access the details of your registry.

In the box in the middle of the screen, you will find everything you need to connect to the registry and push your container images.

img

We create separate sets of credentials to push and pull images to improve security.

FieldDescription
URLThe URL of our container registry. You will need to use it when logging in and pushing images.
ProjectThe name of your assigned project. You must include it in your image repository path.
UsernameThe username to use when logging in to the registry.
TokenThe password to use when logging in to the registry.

You can now login to the repository using your tool of choice:

echo <YOUR_REPOSITORY_TOKEN> | docker login -u <YOUR_REPOSITORY_USERNAME> --password-stdin <THE_REGISTRY_URL>

Docker login Warning#

WARNING! Your password will be stored unencrypted in /home/user/.docker/config.json.

You can configure the credentials store by following this setup. Remember that this warning is normal behaviour from Docker.

It's important that you understand that your robot username, and the token for your private repository are encoded in base64 in your machine at this path $HOME/.docker/config.json. Anybody who has access to this file can easily decrypt your robot account token with a base64 decoder. Ensure that the environment docker login harbor.edgegap.net you use is safe and that the access permissions to this file are restricted.

To remove your credentials from this file, you can easily use docker logout harbor.edgegap.net each time you push and pull your private images.

Pushing an image to the registry#

If you need help containerizing your project, see our documentation on this topic to get you started.

Since you are logged in to the registry, all you need to do is push your image to the URL and project found on the page:

echo docker push <THE_REGISTRY_URL>/<YOUR_PROJECT_NAME>/<DESIRED_REPOSITORY_NAME>:<DESIRED_IMAGE_TAG>

You may push as many images as your storage permits and separate them in different repositories as you see fit. However, you should read the "App templates" section before pushing too many images!

You will then find your repositories on the same page upon refreshing.

Managing your images#

You may see your repositories by going to the same page after you have pushed at least one image.

By clicking on one of those repositories, you can see the images it contains, grouped by artifact. If you tagged the same image with two different tags and pushed those to the registry, you will see them as the same artifact.

img

The images tagged 1.0.1 and 1.0.2 in the picture above have the same artifact. The image tagged 1.0.3, however, has a different artifact.

caution

If you delete an artifact, you will also delete its associated tags.
The confirmation dialogue will list all the tags that this action would delete to ensure you do not accidentally delete needed resources.

App templates and automatic app version creation#

App templates act as application blueprints within the platform and allow the automatic creation of applications when you push new images to our repository.

When you have pushed your first image and can view a repository's details, you can create an app template for this repository with the button in the page header.

img

For the image you pushed in that repository, you can fill this form just as you would the application form.

You will notice the container information fields are missing. We will get to that in a moment.

Once the app template is ready, a corresponding application version will be created on the platform whenever you push a new tag in the repository. Using the "App version" button in the image tag's row, you can access it.

You will see a "Link" button in the rows of the images you have previously pushed to your repository. This is because these images were pushed before the app template was created. Clicking the "Link" button will create a new app version for the selected tag.

You can edit the app template by clicking on the "Edit" button.

Requesting more storage#

When your request for access to the registry has been approved, you will be given a certain amount of storage space in the registry.

You may request additional space by clicking on the "Request more storage" button next to the space usage indicator.

img

When a staff member has approved your request, you will have more space to push your images.

Next steps#

Learn how to containerize your application with our guide: Getting started with Docker.