General Introduction
Cloudflare Serverless Registry is a serverless container registry based on Cloudflare Workers and R2 storage. It supports push and pull of images and provides username password and public key based JWT authentication. The project is easy to deploy, compatible with Docker operations, and suitable for managing container images in a serverless environment. Despite some limitations, Serverless Registry provides a lightweight and scalable solution for developers.
Function List
- Support for mirror push and pull
- Provide username password and JWT authentication
- Compatible with Docker operations
- Support for fallback to other registries
- Easy to deploy and manage
Using Help
Installation and deployment
- Installing dependencies: Use pnpm to install all dependencies (other package managers may work, but only pnpm is supported).
$ pnpm install
- Preparing the wrangler file: Copy the example file and configure it.
$ cp wrangler.toml.example wrangler.toml
- Setting up the R2 Storage Bucket: Create an R2 storage bucket.
$ npx wrangler --env production r2 bucket create r2-registry
- Configuring wrangler.toml: Add the R2 storage bucket configuration to the wrangler.toml file.
r2_buckets = [ { binding = "REGISTRY", bucket_name = "r2-registry" } ]
- Deployment Registry: Deploy the registry to a production environment.
$ npx wrangler deploy --env production
User Name Password Authentication
- Setting the user name and password: Set the username and password to confidential.
$ npx wrangler secret put USERNAME --env production $ npx wrangler secret put PASSWORD --env production
JWT Certification
- Add JWT public key: Add a base64-encoded JWT public key to authenticate the password or token.
$ npx wrangler secret put JWT_REGISTRY_TOKENS_PUBLIC_KEY --env production
Pushing and Pulling Images with Docker
- Logging into Docker: Log in to Docker with your username and password.
export REGISTRY_URL=your-url-here echo $PASSWORD | docker login --username $USERNAME --password-stdin $REGISTRY_URL
- push mirror (computing): Push the image to the registry.
docker pull ubuntu:latest docker tag ubuntu:latest $REGISTRY_URL/ubuntu:latest docker push $REGISTRY_URL/ubuntu:latest
- Pulling Mirrors: Pull the image from the registry.
docker rmi ubuntu:latest docker pull $REGISTRY_URL/ubuntu:latest
Configuring pullbacks
- Setting the fallback registry: Configure the fallback registry in the wrangler.toml file.
[env.production] REGISTRIES_JSON = "[{ \ "registry\": \ "url-to-other-registry\", \ "password_env\": \ "REGISTRY_TOKEN\", \ "username\": \ "username-to-use\" }]"
- Setting the registry token: Set the registry token to confidential.
cat . /registry-service-credentials.json | base64 | wrangler --env production secrets put REGISTRY_TOKEN