使用Docker Registry进行Private Docker Registry的搭建 0. 首先获取Registry的镜像 $ sudo docker pull registry:2 1. 将镜
使用Docker Registry进行Private Docker Registry的搭建
0. 首先获取Registry的镜像
$ sudo docker pull registry:21. 将镜像的Docker Registry配置文件拷贝到host机器
$ sudo docker run -it --rm --entrypoint cat registry:2 /etc/docker/registry/config.yml > config.yml2. 编辑config.yml,加入proxy配置
$ vi config.yml->proxy:-> remoteurl: http://c179668e.m.daocloud.io3. 启动镜像
$ docker run -d -p 5000:5000 --restart=always --name registry / -v `pwd`/config.yml:/etc/docker/registry/config.yml / registry:24. 添加非安全Registry
--insecure-registry=dr:50005. 设置默认Registry
--registry-mirror=http://dr:50006. 获取镜像
$ sudo docker pull [host:5000/library/]nginx如果Private Registry中没有cache的镜像,会先去proxy中pull,然后客户端获取,以后的pull,就直接从Private Registry中获取。
添加基本授权
0. 配置config.yml
auth: htpasswd: realm: basic-realm path: /etc/docker/registry/htpasswd1. 添加htpasswd文件
$ sudo docker exec registry htpasswd -Bbc /etc/docker/registry/htpasswd geeks geek-s
配置https
0. 生成证书
$ openssl genrsa -out dr.key$ openssl req -new -key dr.key -out dr.csr$ openssl x509 -req -in dr.csr -signkey dr.key -out dr.crt1. 配置config.yml
http: addr: :5000 headers: X-Content-Type-Options: [nosniff]add-------> tls: certificate: /etc/docker/registry/dr.crt key: /etc/docker/registry/dr.keyadd------->
PS:https://hub.docker.com/r/library/registry
PS:https://docs.docker.com/registry
PS:https://docs.docker.com/registry/configuration
