十、docker 仓库(registry)
一、创建一个普通仓库
1、创建仓库
docker run -d -p 5000:5000 --restart=always --name registry -v /opt/myregistry:/var/lib/registry registry
2、修改配置文件,使之支持http
[root@docker01 ~]# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com"],
"insecure-registries": ["10.0.0.100:5000"]
}
重启docker让修改生效
[root@docker01 ~]# systemctl restart docker.service
3、修改镜像标签
[root@docker01 ~]# docker tag busybox:latest 10.0.0.100:5000/xcn/busybox:1.0
[root@docker01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos6-ssh latest 3c2b1e57a0f5 18 hours ago 393MB
httpd 2.4 2e202f453940 6 days ago 179MB
10.0.0.100:5000/xcn/busybox 1.0 5b0d59026729 8 days ago 1.15MB
4、将新打标签的镜像上传镜像到仓库
[root@docker01 ~]# docker push 10.0.0.100:5000/xcn/busybox
二、带basic认证的仓库
1、安装加密工具
[root@docker01 xcn]# yum install httpd-tools -y
2、设置认证密码
mkdir /opt/registry-var/auth/ -p
htpasswd -Bbn xcn 123456 > /opt/registry-var/auth/htpasswd
3、启动容器,在启动时传入认证参数
docker run -d -p 5000:5000 -v /opt/registry-var/auth/:/auth/ -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd registry
4、使用验证用户测试
# 登陆用户
[root@docker01 ~]# docker login 10.0.0.100:5000
Username: xcn
Password: 123456
Login Succeeded
# 推送镜像到仓库
[root@docker01 ~]# docker push 10.0.0.100:5000/xcn/busybox
The push refers to repository [10.0.0.100:5000/xcn/busybox]
4febd3792a1f: Pushed
1.0: digest: sha256:4cee1979ba0bf7db9fc5d28fb7b798ca69ae95a47c5fecf46327720df4ff352d size: 527
#认证文件的保存位置
[root@docker01 ~]# cat .docker/config.json
{
"auths": {
"10.0.0.100:5000": {
"auth": "Y2xzbjoxMjM0NTY="
},
"https://index.docker.io/v1/": {
"auth": "Y2xzbjpIenNAMTk5Ng=="
}
},
"HttpHeaders": {
"User-Agent": "Docker-Client/17.12.0-ce (linux)"
}
}
至此,一个简单的docker镜像仓库搭建完成