Load balancing Docker Registry v2 with HAProxy on Tutum

Did the following on Tutum:

Registry

  1. Started a registry:2.1.1 service
  2. Published the port 5000 and configured the registry service with:

  3. Docker access elasticsearch endpoint from host
  4. How to test the docker containers startup time
  5. Azure Docker Container - how to pass startup commands to a docker run?
  6. Can we rename an output image from “packer build” command over-riding the image name given in packer.json file during run-time?
  7. certbot.main:Exiting abnormally
  8. Is it possible to start a shell session in a running container (without ssh)
  9. VIRTUAL_HOST=https://my-registry.my-host.net
    TCP_PORTS=5000/ssl
    SSL_CERT="..."
    
  10. Now, pointed the my-registry.my-host.net DNS to the registry service endpoint and testing the registry with:

    docker login my-registry.my-host.net:5000
    

    Works just fine, including the SSL!

HAProxy

  1. Started a tutum/haproxy:latest service, published the 443 port, added API access and linked to the registry service, everything else is default
  2. Pointed my-registry.my-host.net DNS to the haproxy service endpoint and tested the registry login with:

    docker login my-registry.my-host.net
    

    This time, the request fails with:

    503 Service Unavailable
    No server is available to handle this request.
    

What am I missing?

Note: everything was done from Tutum’s Dashboard web UI.

Additionally, here’s the generated haproxy.cfg from the HAProxy service container, for those who have experience with HAProxy, but not necessarily with Tutum:

https://gist.github.com/lazabogdan/3bf52984faa092b1a50b (note: the registry service ID has been masked with XXXXXXXX and the real FQDN has been replaced with my-registry.my-host.net)

  • list of premade docker-compose.yml configurations
  • Docker confusion
  • Docker: trouble connecting to mysql, network issue?
  • Unable to access docker containers from host over macvlan network
  • Overriding inherited CMD in Dockerfile does not always work?
  • How can i execute commands inside containers during host provision
  • One Solution collect form web for “Load balancing Docker Registry v2 with HAProxy on Tutum”

    Solved it.

    I had to do the following:

    1. Update the environment variable for the registry service from TCP_PORTS=5000/ssl to TCP_PORTS=5000

    2. On the haproxy service, expose port 5000 on the container AND publish it on the host to port 443.

    3. Now, I can successfully do:

      docker login my-registry.my-host.net
      
    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.