Run Docker on a GCE Container Optimized VM
Matt Duftler edited this page Jul 21, 2015
·
6 revisions
- Creating a bucket on Google Cloud Storage to hold your Docker images
- Provisioning a Container-Optimized VM on Google Compute Engine to run both the Docker daemon and a Docker registry
- Configuring the Docker daemon to allow for remote HTTP invocations
- Instructing the Docker daemon to launch a Docker registry container configured to use GCS to store images
- A Google Cloud Platform project with the following APIs enabled (use the Developers Console to manage your projects):
  - Google Cloud Storage
  - Google Compute Engine
  - (To enable these APIs, navigate in the Developers Console to: Projects->{your-project-name}->APIs & auth->APIs. If any of the required APIs are missing from the Enabled APIs list, find them in the Browse APIs panel and enable them.)
- The gcloud tool installed on your local workstation
# Replace these values with values that make sense for your use case.
# The Project ID must already exist. This is the GCP Project Id, not the Project Name.
# The value specified below will be the default project id you are currently using with
# gcloud; however, you may want to change it to deploy docker into a different project.
#
# The Google Cloud Storage bucket name must be globally unique.
# We will create the storage bucket using this name below.
#
# The instance name should be unique within your project.
# We will create the instance below.
export GCP_PROJECT_ID=$(gcloud config list | grep "project = " | sed 's/project = //g')
export GCE_INSTANCE_NAME=my-docker-instance
export GCS_BUCKET_NAME=${USER}-docker-registry
Create GCS bucket for use by docker registry (the bucket name you select must be globally unique):
gsutil mb -p $GCP_PROJECT_ID gs://$GCS_BUCKET_NAME
gcloud compute instances create \
--project $GCP_PROJECT_ID \
--zone us-central1-f \
--machine-type n1-standard-1 \
--boot-disk-size 500GB \
--image container-vm \
--scopes=storage-rw \
$GCE_INSTANCE_NAME
gcloud compute ssh \
--project $GCP_PROJECT_ID \
--zone us-central1-f \
$GCE_INSTANCE_NAME
export GCS_BUCKET_NAME=${USER}-docker-registry
Edit docker configuration to allow us to use the Docker Remote API:
sudo vi /etc/default/docker
Note: Make sure you thoroughly understand the implications of the following change before you make it. Using 0.0.0.0:7104 effectively allows any IP on the same network to connect to port 7104 and issue Docker commands. Read more here about binding Docker to particular host/port combinations.
Replace the existing DOCKER_OPTS line with a line similar to the following (taking into account the security requirements of your particular situation):
DOCKER_OPTS="-H tcp://0.0.0.0:7104 -H unix:///var/run/docker.sock -r=false"
sudo service docker restart
curl localhost:7104/images/json
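One way to check a DOCKER_OPTS line for the exposure described in the note above. This is an added example, not part of the original wiki page; `check_docker_opts` and `audit_docker_defaults` are hypothetical helper names, and the check only covers `tcp://` endpoints and assumes that Docker's `--tlsverify` flag is what makes a non-loopback listener acceptable.

```shell
#!/bin/sh
# Added example (not from the wiki page). Helper names are hypothetical.

# Print each "-H tcp://..." endpoint in a DOCKER_OPTS string that is not bound
# to loopback while --tlsverify is absent. Returns 1 if any are found.
check_docker_opts() {
    exposed="" tls=no prev=""
    case " $1 " in
        *" --tlsverify "*|*" --tlsverify=true "*) tls=yes ;;
    esac
    set -f                          # no glob expansion while word-splitting
    for word in $1; do
        endpoint=""
        case $word in
            -H=*|--host=*) endpoint=${word#*=} ;;
            *) if [ "$prev" = "-H" ] || [ "$prev" = "--host" ]; then
                   endpoint=$word
               fi ;;
        esac
        prev=$word
        case $endpoint in
            tcp://127.*|tcp://localhost:*|tcp://\[::1\]*) ;;   # loopback only
            tcp://*) [ "$tls" = yes ] || exposed="$exposed $endpoint" ;;
        esac
    done
    set +f
    exposed=${exposed# }
    if [ -z "$exposed" ]; then
        return 0
    fi
    echo "$exposed"
    return 1
}

# Read the last DOCKER_OPTS= assignment from a defaults file
# (for example /etc/default/docker) and audit it.
audit_docker_defaults() {
    line=$(grep '^DOCKER_OPTS=' "$1" | tail -n 1)
    val=${line#DOCKER_OPTS=}
    val=${val#\"}
    val=${val%\"}
    check_docker_opts "$val"
}

# The line from this page is reported; a loopback-only variant is not.
check_docker_opts '-H tcp://0.0.0.0:7104 -H unix:///var/run/docker.sock -r=false' \
    || echo "unauthenticated Docker API listener found"
check_docker_opts '-H tcp://127.0.0.1:7104 -H unix:///var/run/docker.sock' \
    && echo "loopback-only listener: ok"
```

On the VM, `audit_docker_defaults /etc/default/docker` prints the exposed endpoints and returns non-zero when the daemon is reachable without client authentication.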
Retrieve and run google/docker-registry (Docker registry with Google Cloud Storage driver):
sudo docker run -d \
-e GCS_BUCKET=$GCS_BUCKET_NAME \
-p 5000:5000 \
google/docker-registry
curl localhost:5000
exit