搭建私有倉庫Registry(Docker Hub)
-
安裝Docker
-
拉取倉庫鏡像:# docker pull registry
-
生成認證certificate
mkdir ~/certs openssl req -newkey rsa:4096 -nodes -sha256 -keyout /root/certs/domain.key -x509 -days 365 -out /root/certs/domain.crt # 期間輸入域名:internal.dockerhub.io
-
複製認證到docker:
mkdir /etc/docker/certs.d/internal.dockerhub.io cp /root/certs/domain.crt /etc/docker/certs.d/internal.dockerhub.io/domain.crt
-
啓動倉庫鏡像
docker run -d --restart=always --name registry \ -v /root/docker/registry:/var/lib/registry \ -v /root/certs:/root/certs \ -v /root/auth:/root/auth \ -e REGISTRY_HTTP_ADDR=0.0.0.0:443 \ -e REGISTRY_HTTP_TLS_CERTIFICATE=/root/certs/domain.crt \ -e REGISTRY_HTTP_TLS_KEY=/root/certs/domain.key \ -p 443:443 registry
-
修改主機映射
vi /etc/hosts 192.168.184.166 mydockerhub.com
-
創建一個鏡像
docker pull hello-world docker tag hello-world internal.dockerhub.io/hello-world docker push internal.dockerhub.io/hello-world docker rmi internal.dockerhub.io/hello-world docker pull internal.dockerhub.io/hello-world
-
使用Rest API查看
curl -k --tlsv1 https://internal.dockerhub.io/v2/_catalog curl -k --tlsv1 -X GET https://internal.dockerhub.io/v2/hello-world/tags/list
-
添加http basic authentication
htpasswd -Bbn testuser testpassword > /root/auth/htpasswd
-
重啓
docker run -d --restart=always --name registry \ -v /root/docker/registry:/var/lib/registry \ -v /root/certs:/root/certs \ -v /root/auth:/root/auth \ -e "REGISTRY_AUTH=htpasswd" \ -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \ -e "REGISTRY_AUTH_HTPASSWD_PATH=/root/auth/htpasswd" \ -e REGISTRY_HTTP_ADDR=0.0.0.0:443 \ -e REGISTRY_HTTP_TLS_CERTIFICATE=/root/certs/domain.crt \ -e REGISTRY_HTTP_TLS_KEY=/root/certs/domain.key \ -p 443:443 registry
-
登錄倉庫
docker login internal.dockerhub.io username:testuser password:testpassword
-
保存鏡像
docker save -o registry.tar registry docker save -o hello-world.tar hello-world