1.6 KiB
1.6 KiB
1. 私有镜像仓库部署
1.1 拉取镜像
docker pull registry
1.2 设置https
1.2.1 创建证书
openssl req -newkey rsa:4096 -nodes -sha256 -keyout /opt/registry/certs/registry.key -x509 -days 365 -out /opt/registry/certs/registry.crt
1.2.2 创建密码文件
htpasswd -Bbn Securitit 123456 > /opt/registry/auth/htpasswd
1.2.3 创建registry config 文件
version: 0.1
log:
fields:
service: registry
storage:
cache:
blobdescriptor: inmemory
filesystem:
rootdirectory: /var/lib/registry
http:
addr: :5000
headers:
X-Content-Type-Options: [nosniff]
Access-Control-Allow-Origin: ['*']
Access-Control-Allow-Methods: ['*']
Access-Control-Max-Age: [1728000]
health:
storagedriver:
enabled: true
interval: 10s
threshold: 3
1.2.4 使用ssl 启动容器
docker run -d \
--name registry \
-p 5000:5000 \
--restart=always \
--privileged=true \
-e "REGISTRY_AUTH=htpasswd" \
-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
-v /opt/registry/auth/:/opt/registry/auth \
-e "REGISTRY_AUTH_HTPASSWD_PATH=/opt/registry/auth/htpasswd" \
-v /opt/registry/certs/:/opt/registry/certs \
-v /opt/registry/config/config.yml:/etc/docker/registry/config.yml \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/opt/registry/certs/registry.crt \
-e REGISTRY_HTTP_TLS_KEY=/opt/registry/certs/registry.key \
registry
2. 镜像仓库web管理
docker run -d -p 8080:80 \
--name registry-ui \
--restart=always \
--privileged=true \
-e "REGISTRY_TITLE=Sunqi Docker" \
-e "REGISTRY_URL=https://192.168.0.3:5000" \
joxit/docker-registry-ui:latest