Containers: A new way to distribute our software

Software AG has its own container registry – https://containers.softwareag.com

Our support for containers

A lot has changed since 2017 when we first announced partial support for containers. With the time, we understood that building the container images from installations is not optimal. The process requires many tools like the Software AG Installer and Update Manager to prepare an installation and then run additional steps to build the container image itself. Most of those steps must repeated on every new product fix. This practice led to many script samples around the existing tools and docker/podman which produce a ready image with a single command line. All those solutions are very custom, very complex and slow.

In the meantime, Software AG had published demo images on docker-store in the early days of 2018. These demo releases could be used with ease by everybody who wanted to try out our software or get a glimpse of what the new version has to offer – one could just pull the image and then run to get a functioning product in 3-5 minutes. This is the user experience developers have gotten used to and we needed to understand how to fit our standard release mechanism to it.

Why our own registry?

We needed to distribute our production containers via a public container registry while considering the following requirements:

  • Authentication for export regulations.
  • Full control over the image registry – e.g. to remove any image if it contains security vulnerabilities.

Docker Inc. with its new container portal Docker Hub, has a great developer reach, but unfortunately could not satisfy our requirements. This led us to providing our own container registry available at https://containers.softwareag.com.

Here are some key features of our container portal:

  • Provide regularly updated production ready images of our products with BYOL (bring your own license) licensing policy.
  • Available to our existing customers with their Empower accounts.
  • Download images with a generated token (user/password tuple) that is connected to the account but could also be shared or used in a CI/CD script.

We plan to make the portal accessible to our Tech Community users, which can self-register and try out our products with a trial license.

Product variations

Delivery for some products on containers is quite simple – Universal Messaging and API Gateway could be just started and used. The story is different for some other products like the Microservices Runtime (the lightweight Integration Server) as it also serves as a platform for multiple other components – most notably adapters and connectors. Unfortunately, we cannot deliver a container image with all available layered products of the MSR. First, the image will be too big and second, there are commercial restrictions as most customers have licensed different software.

There are several ways to customize MSR image and they all involve a sort of multi-stage docker build - you could either script around the current installer to add product on the image or just copy the prepared products as any packages you would “deploy”. We plan to further simplify the process.

Container registry support policy

The images we provide on our container registry portal are supported for production deployment with a respectable license. They will be updated with the latest product fixes no later than a week after the official fix is available. Hotfixes and patches will not be delivered via the container registry.

Which products are supported on containers?

If you don’t see your product of interest in the container registry or wonder if the adapters you use can run in containers you should check system requirements document from our official documentation.

This document remains the official system requirements reference for all Software AG products.


This article is part of the TECHniques newsletter blog - technical tips and tricks for the Software AG community. Subscribe to receive our quarterly updates or read the latest issue.

4 Likes

Are there any instructions on how to use this? When I try the Docker commands on the Setup Instructions page, I get errors like

docker: Error response from daemon: Head “https://sagcr.azurecr.io/v2/webmethods-microservicesruntime/manifests/10.15.0.0-slim”: unauthorized: authentication required, visit Registry roles and permissions - Azure Container Registry | Microsoft Learn for more information.
See ‘docker run --help’.

Hi @Dave_Laycock1 . Can you clarify what you are trying to do? It seems you want to run the Microservices runtime in a container? At the https://containers.softwareag.com website you can select the Software AG product image you want to use (e.g. Microservices Runtime). If you click the tile, it will show you another page where you have to “agree to terms and conditions” (blah, blah, blah). After you agree you can generate the pull command. BUT if you scoll down, you will see a Setup Instructions tab. This gives examples of using the image. If you are looking for some other info please let us know.

Wayne

Thank you Wayne

When I try the generated docker pull command:

docker pull sagcr.azurecr.io/webmethods-microservicesruntime:10.15.0.0

I get this response message:

Error response from daemon: Head "https://sagcr.azurecr.io/v2/webmethods-microservicesruntime/manifests/10.15.0.0": unauthorized: authentication required, visit https://aka.ms/acr/authorization for more information.

I get the same “unauthorized: authentication required” response from the docker run command on the “Setup Instructions” tab

Am I supposed to provide my Empower credentials in some way?

Hi Dave,

I am exactly in the same error phase.

I have started my docker desktop and logged in there. Logged in to the same account via cli too.
On Cli,provided the Empower creds to.

Getting the same error.

All I am trying to do is: pull the dokcer image from the SoftwareAG container page, since we will be deploying MSR very soon.

Any suggestion, would be helpful. Thanks.

Did you login via the command line with docker login ?
You will need to generate an authentication token from your profile in containers.softwareag.com to use this command.

Hi John,

Yes on cmd, docker login
Supplied my docker desktop creds, says login successful. Thats not the right way ?

  • How to generate a token from software ag
    Container page ? I can login to container gui.
  • when we do docker login, it asks for username and password. Where/how to supply that token ?

Would be great if you point to step by step link/page. Thank you so much.

Click on the user pictogram in the top right corner.

Then select the “Settings” option, which takes you to this screen:

Then agree to the Software AG’s terms and conditions by clicking on the tick box (don’t click on the “Got it!” button.

The docker login command will then be displayed in this modal window.

To access this container registry in your K8S / OpenShift deployments, you need to create a docker-registry secret using the following command:

kubectl create secret docker-registry sagregcred --docker-server=sagcr.azurecr.io --docker-username=<your-user-name> --docker-password=<your-password> --docker-email=<yor-email>

Where corresponds to the docker login username (-u) and to the docker login password (-p).
The email address is the one attached to your user account.

Once you have created this secret, you need to reference it in your deployment, under “spec.template.spec” (at the same level as “containers”):

      imagePullSecrets:
      - name: sagregcred

Thank you so much. I could manage to login locally on my computer and able to run.