Container Registry Setup
A container registry is required for cluster deployments. When you deploy to a Docker Swarm cluster, Appliku builds the Docker image on a build server, pushes it to the registry, and cluster nodes pull it during deployment.
Why a Container Registry Is Needed
In standalone mode, the built image stays on the same server that runs the application. In cluster mode, multiple nodes need access to the image. A container registry acts as the shared storage layer between build servers and cluster worker nodes.
Recommended Registries
| Registry | URL | Best For |
|---|---|---|
| GitHub Container Registry | ghcr.io | Projects hosted on GitHub |
| GitLab Container Registry | registry.gitlab.com | Projects hosted on GitLab |
| Docker Hub | docker.io | General use, public images |
| DigitalOcean Container Registry | registry.digitalocean.com | DO-hosted infrastructure |
| AWS ECR | <account>.dkr.ecr.<region>.amazonaws.com | AWS-hosted infrastructure |
The easiest option is to use the container registry from the same platform where your Git repository is hosted -- GitHub Container Registry (ghcr.io) or GitLab Container Registry. Authentication tokens are straightforward to generate.
Setting Up Credentials
Step 1: Generate an Access Token
For GitHub (ghcr.io):
- Go to GitHub Settings > Developer settings > Personal access tokens
- Create a new token (classic) with the
write:packagesandread:packagesscopes - Note your GitHub username and the generated token
For GitLab:
- Go to your GitLab project > Settings > Access Tokens (or use a Personal Access Token)
- Create a token with the
read_registryandwrite_registryscopes - The username is typically your GitLab username or the token name
For Docker Hub:
- Go to Docker Hub > Account Settings > Security > Access Tokens
- Create a new access token
- Use your Docker Hub username and the generated token
Step 2: Add Credentials to Your Cluster
-
Open the Appliku dashboard and navigate to your cluster
-
Go to the cluster Settings section
-
Find the Container Registry configuration
-
Enter the following:
- Registry URL -- e.g.,
ghcr.io,registry.gitlab.com, ordocker.io - Username -- your registry username
- Password / Token -- your access token
- Registry URL -- e.g.,
-
Save the credentials
Appliku verifies the credentials upon saving. Once verified, the credentials are:
- Stored securely on the Appliku platform
- Distributed to the leader node immediately
- Propagated to all worker nodes during deployment
Step 3: Verify
After adding credentials, deploy an application to the cluster. The build log should show the image being pushed to your registry, and worker nodes should pull it successfully.
Credential Updates
If you rotate your access token:
- Update the credentials in the cluster settings
- Appliku redistributes the new credentials to all nodes on the next deployment
Troubleshooting
| Issue | Solution |
|---|---|
| Push fails with "unauthorized" | Verify the token has write permissions to the registry |
| Pull fails on worker nodes | Credentials may not have propagated -- trigger a new deployment |
| Image not found | Check that the registry URL matches the image path used during build |
Next Steps
- Deploying to a Cluster -- Deploy your first cluster application
- Setting Up a Cluster -- Full cluster creation guide