Select the version of your OS from the tabs below. If you don't know the version you are using, run the command
cat /etc/os-release or
cat /etc/issue on the board.
Remember that you can always refer to the Torizon Documentation, there you can find a lot of relevant articles that might help you in the application development.
One of the most famous container registries - Docker Hub - allows people to host a single private container image with the free tier. As you may want to protect your application's intellectual property, you might want to use a private registry yourself: either Docker Hub with a paid tier, an alternative such as AWS or Azure container registries, or even a self-hosted registry.
It is straightforward to manually run a container hosted in a private registry: you'll be prompted for credentials or use the
docker login command. With TorizonCore, due to the unattended deployment of credentials to hundreds or thousands of devices, you must somehow deploy the credentials in a scalable way. It will allow TorizonCore Builder Tool to Pre-provision Docker Containers onto a TorizonCore image, and Torizon OTA to update your application.
The following prerequisites are required to follow along with these instructions.
credentials.zipfile downloaded from your account on the Torizon OTA dashboard.
To install TorizonCore Builder, follow the instructions below, in order.
Create and enter a working directory where your customization will be stored:
$ mkdir ~/tcbworkdir $ cd ~/tcbworkdir
Use the setup script named tcb-env-setup.sh, available on the Toradex Github, to setup TorizonCore Builder:
$ wget https://raw.githubusercontent.com/toradex/tcb-env-setup/master/tcb-env-setup.sh $ source tcb-env-setup.sh
Verify that the command
torizoncore-builder is available:
$ torizoncore-builder --help
Warning: Make sure to: (1) source the script, (2) every time you open a new terminal, (3) inside the working directory you have previously created. Otherwise, it will not work as intended and, most importantly, the
torizoncore-builder alias will not be created properly.
Note: This only applies to container updates via OTA. If you want to pull/access a private registry outside of the context of Torizon OTA then just perform a normal
For quick tests and development you can set up just a single device for private registry access. On your TorizonCore device enter the following command:
# sudo docker --config /etc/docker login
Once prompted, enter the username and password for your private registry. If successful, this will create a
config.json file in
/etc/docker on the device. This file contains authentication information that is used by Docker if needed. TorizonCore and Torizon OTA are configured so that any container update that is pushed to the device will look for the
config.json file in this location, if needed.
Moving on, once you've entered the above command this specific device should be good to go. From the "Torizon OTA Dashboard" you can schedule a container update for this device.
Fore more information on setting up a container update please see the "Updating Containers with Torizon OTA" lesson of our Quickstart Guide. If you want to learn more, read the article Torizon OTA Web Interface.
Later on in development or during early production you'll most likely be working with multiple devices. It would be very tedious to need to
docker login, and add credentials to each device individually.
Warning: Before continuing make sure you have TorizonCore Builder installed on your development machine, as pointed out in this article's Prerequisites section.
First, start with a single TorizonCore device and use
docker login like before:
# sudo docker --config /etc/docker login
We're going to use TorizonCore Builder to capture these credentials and create a customized TorizonCore image. Since the
config.json file is located in
/etc we can easily isolate the changes and create a new image.
How to do this is described in the article Capturing Changes in the Configuration of a Board on TorizonCore.
To summarize the steps you'll need to follow from the article above:
By the end of this process, you'll have a new Toradex Easy Installer that you can then flash to multiple boards. Any board you flash with this image will have the
config.json file with your credentials information in
Now you can push a container update to all of your boards and they should be able to access your private registry.
It may be the case your devices are already deployed or you want to update the credentials on those devices. For this case, we will leverage Torizon OTA.
First of all, go through all the steps in the previous section as they are all required here. Also, make sure you have your
credentials.zip file from the "Torizon OTA Dashboard" ready.
Once you have your custom TorizonCore image with Docker credentials, you can go ahead and push it to Torizon OTA. Full details on the steps can be found in our article Signing and Pushing TorizonCore Images to Torizon OTA.
To summarize the steps:
As you can see the steps are very similar to the previous section. But, instead of a
deploy as the last step, we instead
push the changes to Torizon OTA.
Once done you'll have a custom package on the "Torizon OTA Dashboard" with your credentials baked in. Then, you must do the following: