Deploy with private container registries
Le’s learn how to deploy applications from the private container registries.
SPEKTRA Edge supports private container registrie, sucn as Amazon Elastic Container Registry, Azure Container Registry, or Google Artifact Registry, as the application container registries.
In this document, we’ll learn how to configure the application on SPEKTRA Edge to run the container image hosted on the Azure container registry, a private container registry offered by Microsoft Azure.
What you need
Please have those ready before proceeding:
- Docker Engine and Azure CLI on your local machine
- an access to the SPEKTRA Edge dashboard
- a device provisioned under your project on SPEKTRA Edge
- an access to Azure portal and Azure Container Registry
Device Provisioning
Please follow the getting started guide if you haven’t provision the device on SPEKTRA Edge yet.Push to private registries
We’ll first publish the application image to the Azure container registry.
We’ll use the same application we developed in the develop section. Here is the Dockerfile and hello.py files for your reference.
# syntax=docker/dockerfile:1
FROM ubuntu:22.04
# Prepare the python environment on the image.
RUN apt-get update && apt-get install -y python3 python3-pip
RUN pip install flask==3.0.*
# Copy the Flask app to the image.
COPY hello.py /
# Run the Flask app.
ENV FLASK_APP=hello
EXPOSE 8000
CMD ["flask", "run", "--host", "0.0.0.0", "--port", "8000"]from flask import Flask
app = Flask(__name__)
@app.route("/")
def hello():
return "Hello World!"Copy those two files and place those under the directory like below.
$ tree .
.
├── Dockerfile
└── hello.py
1 directory, 2 files
Under that directory, run the following docker build command to create the application image tagged with the Azure container registry and repotitory name for the publication in the following step.
docker build --tag spektraedge.azurecr.io/awesome .
Registry name
Please replace the registry and the repository name, spektraedge.azurecr.io and awesome part above, to match your setup.
Refer to the official document for the private registry creation on Azure.
Publish the image to the Azure container registry with docker push command.
docker push spektraedge.azurecr.io/awesome:latest
Once it’s pushed, go to the Azure portal and double check if the application image correctly published on Azure container registry.
The application image on Azure container registry.
Great. You’ve successfully published the application image to the private container registry.
Now, you’re ready to configure the application to pull the image from the Azure container registry. But before that, let’s talk about the image secrets next.
Image secrets
The image secrets is a special secret resource maintained by the SPEKTRA Edge platform. It’s meant to be used for storing the credentials to access the private container registries. Hence, we’ll configure the image secrets next before configuring the applications.
Kubernetes private registry support
The SPEKTRA Edge image secret follows the convention used by the Kubernetes.
Please take a look at thier documentation about how to pull an image from a private registry for more information.
Let’s create one here.
Go to the Secrets page by selecting the Secrets from the Applications pull-down option from the left navigation menu.
Select Secrets option of Applications pull-down menu.
Click Add Secret button on the Secrets page to create a new secret.
Click Add Secret to create the image secret.
There are three mandately fields to create a secret. We’ll go over those in detail in the following sections.
Secret display name
This is a case-incensitive alpha-numeric secret name referenced later by the application configuration. Give it a descriptive name for the better secret management.
Secret data key name
This field should be .dockerconfigjson. This follows the Kubernetes convention.
.dockerconfigjson
Please don’t miss the first dot, the period, in the .dockerconfigjson key name, or it would cause the image download error.Secret data key value
This fields contains the base64 encoded private registry credential with the following JSON format.
{
"auths": {
"$REGISTRY_URL": {
"username":"$USERNAME",
"password":"$PASSWORD"
}
}
}In case of the Azure container registry, you can generate the above JSON string by the following shell script with Azure CLI
echo \
{\"auths\":\
{\"$(az acr show --name $REGISTRY_NAME --query loginServer --output tsv)\":\
{\"username\":\"$(az acr credential show --name $REGISTRY_NAME --query username --output tsv)\",\
\"password\":\"$(az acr credential show --name $REGISTRY_NAME --query passwords[0].value --output tsv)\"\
}\
}\
}where you set $REGISTRY_NAME environment variable to your Azure container registry name, e.g. spektraedge in this example.
Convert to base64
Once you have those three values ready, you paste those in the respective fields and click Convert to Base64 button of the Add secret page.
Convert Data key value to base64.
Create the image secret
Click Create to create the image secret for the Azure container registry.
Create Image Secret with base64 encoded Data key value.
Please remember the Secret Name (ID), spektraedge-acurecr-io in this example, for the later reference to deploy your application.
Deploy the application
For the application deployment, we’ll follow the standard application deployment explained in the previous section except one field, the image secrets.
On the Deploy pod page, select the image secret you created in the previous step and just click Deploy as usual.
Click Deploy button to deploy the application with the image secrets set.
Next steps
Congratulations on mastering the deployment with the private container registry on SPEKTRA Edge!
As a next step, let’s learn how to monitor and control applications on SPEKTRA Edge.