cheng029 发表于 2017-2-6 09:28:07

docker-部署私有仓库Registry

因为生产情况下官方容器还是比较慢的,所以会用到自建docker仓库。docker官方提供完整部署仓库的容器,你只需要提供域名证书,把文件系统挂载到容器,一个用户密码文件就可以使用基本的仓库功能了。数据灾备的话因为使用本地或者第三方存储所以都有很成熟的方案,很方便了。
启动一个registry容器# docker run -d -p 0.0.0.0:5000:5000 --name registryregistry:29ed2f91a7056f1109d2146122930b12f7d077a5404f621647d12eeeb29725260
提交一个本地的镜像到本地仓库#docker tag redis localhost:5000/redis#docker push localhost:5000/redisThe push refers to arepository 4cefd98bbdaf: Pushed552b670af774: Pushedaf287523a42a: Pushedc235d5b4caa3: Pushed307248831aca: Pushed387483b2c715: Pusheda2ae92ffcd29: Pushedlatest: digest:sha256:b41356be6cc70109a9fb6e53e39e930ece67f89189d4453be920f668e1225a06 size:1783
下面情况是因为你本地仓库如果不进行证书认证只能127.0.0.1访问,所以我们要创建密钥#docker tag redis 192.168.198.116:5000/redis#docker push 192.168.198.116:5000/redisThe push refers to arepository Get https://192.168.198.116:5000/v1/_ping:http: server gave HTTP response to HTTPS client

配置一个域名给余名准备一个加密证书,启动容器docker run -d -p5000:5000 --restart=always --name registry \-v /etc/docker/certs:/certs \-eREGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \-e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \registry:2

重新提交镜像#docker tag redis registry.nginxs.net:5000/redis#docker push registry.nginxs.net:5000/redisThe push refers to arepository 4cefd98bbdaf: Pushed552b670af774: Pushedaf287523a42a: Pushedc235d5b4caa3: Pushed307248831aca: Pushed387483b2c715: Pusheda2ae92ffcd29: Pushedlatest: digest:sha256:b41356be6cc70109a9fb6e53e39e930ece67f89189d4453be920f668e1225a06 size:1783
给服务添加一个用户验证第一步创建用户密码文件,并修改文件权限# htpasswd -Bbn baishaohua nginxs.net >>/etc/docker/certs/htpasswd# chmod 600 /etc/docker/certs/htpasswd第二步启动容器dockerrun -d -p 5000:5000 --restart=always --name registry \
-v `pwd`/auth:/auth \
-e "REGISTRY_AUTH=htpasswd"\
-e"REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
-eREGISTRY_AUTH_HTPASSWD_PATH=/certs/htpasswd \
-v/etc/docker/certs:/certs \
-eREGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
-eREGISTRY_HTTP_TLS_KEY=/certs/domain.key \
registry:2
测试登录#docker login registry.nginxs.net:5000Username (testuser):baishaohuaPassword:Login Succeeded
页: [1]
查看完整版本: docker-部署私有仓库Registry