Virtual Party Space Devlog #20: Docker registries

Today I dug deeper into how Docker works to resolve some error messages, and then started learning about Let’s Encrypt.

Log

• struggled with running docker compose up due to “authentication failed” message, so I took a multiple-hour detour into how docker registries work
  • NOTE: when you get this error it probably means your image doesn’t exist in an “acceptable” registry (doesn’t matter if you can see it locally)
  • existing images were possibly resolving to wrong hash from docker.io, maybe deploying wrong version?
  • solution: create ECR registry, add all locally built images to it
    • can also do local registry but for this ECR makes sense
    • docker has ecr credentials helper built in
      • set ~/.docker/config.json “credsStore” to “ecr-login”
    • https://docs.docker.com/engine/reference/commandline/push/
    • new flow: docker build -t <name>:<tag> -t <remote-name>:<remote-tag> . && docker push && docker compose up --file docker-compose-aws.yml --context <ecscontext>
• use docker rmi to remove unnecessary images
• docker “Pool overlaps with other one on this address space” error or being unable to delete things in Docker Desktop indicates you have ghost docker networks, need to prune
• PARTY NOW RUNNING!
• load balancing ref

Let’s Encrypt time!

• enabled flag in environment variables, quickly got an API timeout
• ECS by default has a “Desired count” of 1, so containers keep spawning and re-running the erroneous encrypt script
  • to prevent this, update the service to “number of tasks” 0. Will automatically reset on next Cloudformation update
• jitsi web host uses acme.sh to do lets encrypt keys in init script
• tried alternatives to standalone mode…nginx/webroot, still always get failure
  • lets encrypt requires healthy server responding on port 80
  • problem is this init script also creates the nginx config files, and if LETS_ENCRYPT flag is true, nginx can’t start without keys. Chicken & egg

About this series

Back in mid-December I started an ambitious project to create a custom platform for a virtual birthday party in February. I kept notes on my progress, both for personal reference and to turn into a series of blog posts. It quickly became apparent that I did not have time to both do the project and blog about the project. I have retroactively decided to post my raw notes as a dev log.