github.com/alibaba/sealer@v0.8.6-0.20220430115802-37a2bdaa8173/pkg/filesystem/rootfs/containerd/scripts/init-registry.sh

github.com/alibaba/sealer@v0.8.6-0.20220430115802-37a2bdaa8173/pkg/filesystem/rootfs/containerd/scripts/init-registry.sh (about)

     1  #!/bin/bash
     2  # Copyright © 2021 Alibaba Group Holding Ltd.
     3  #
     4  # Licensed under the Apache License, Version 2.0 (the "License");
     5  # you may not use this file except in compliance with the License.
     6  # You may obtain a copy of the License at
     7  #
     8  #     http://www.apache.org/licenses/LICENSE-2.0
     9  #
    10  # Unless required by applicable law or agreed to in writing, software
    11  # distributed under the License is distributed on an "AS IS" BASIS,
    12  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  # See the License for the specific language governing permissions and
    14  # limitations under the License.
    15  
    16  
    17  set -e
    18  set -x
    19  # prepare registry storage as directory
    20  cd $(dirname "$0")
    21  
    22  REGISTRY_PORT=${1-5000}
    23  VOLUME=${2-/var/lib/registry}
    24  REGISTRY_DOMAIN=${3-sea.hub}
    25  
    26  container=sealer-registry
    27  rootfs=$(dirname "$(pwd)")
    28  config="$rootfs/etc/registry_config.yml"
    29  htpasswd="$rootfs/etc/registry_htpasswd"
    30  certs_dir="$rootfs/certs"
    31  image_dir="$rootfs/images"
    32  
    33  mkdir -p "$VOLUME" || true
    34  
    35  startRegistry() {
    36      n=1
    37      while (( n <= 3 ))
    38      do
    39          echo "attempt to start registry"
    40          (nerdctl start $container && break) || (( n < 3))
    41          (( n++ ))
    42          sleep 3
    43      done
    44  }
    45  
    46  load_images() {
    47  for image in "$image_dir"/*
    48  do
    49   if [ -f "${image}" ]
    50   then
    51    nerdctl load -i "${image}"
    52   fi
    53  done
    54  }
    55  
    56  check_registry() {
    57      n=1
    58      while (( n <= 3 ))
    59      do
    60          (nerdctl inspect sealer-registry | grep "\"Status\": \"running\"") && break
    61          if [[ $n -eq 3 ]]; then
    62             echo "sealer-registry is not running, status: $registry_status"
    63             exit 1
    64          fi
    65          (( n++ ))
    66          sleep 3
    67      done
    68  }
    69  
    70  load_images
    71  
    72  ## rm container if exist.
    73  nerdctl rm -f $container || true
    74  ##
    75  rm -rf /var/lib/nerdctl/1935db59/names/default/$container
    76  
    77  regArgs="-d --restart=always \
    78  --net=host \
    79  --name $container \
    80  -v $certs_dir:/certs \
    81  -v $VOLUME:/var/lib/registry \
    82  -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/$REGISTRY_DOMAIN.crt \
    83  -e REGISTRY_HTTP_TLS_KEY=/certs/$REGISTRY_DOMAIN.key"
    84  
    85  if [ -f $config ]; then
    86      sed -i "s/5000/$1/g" $config
    87      regArgs="$regArgs \
    88      -v $config:/etc/docker/registry/config.yml"
    89  fi
    90  
    91  if [ -f $htpasswd ]; then
    92      nerdctl run $regArgs \
    93              -v $htpasswd:/htpasswd \
    94              -e REGISTRY_AUTH=htpasswd \
    95              -e REGISTRY_AUTH_HTPASSWD_PATH=/htpasswd \
    96              -e REGISTRY_AUTH_HTPASSWD_REALM="Registry Realm" registry:2.7.1 || startRegistry
    97  else
    98      nerdctl run $regArgs registry:2.7.1 || startRegistry
    99  fi
   100  
   101  check_registry