搭建私有仓库Registry(Docker Hub)
搭建私有仓库Registry(Docker Hub)
-
安装Docker
-
拉取仓库镜像:# docker pull registry
-
生成认证certificate
mkdir ~/certs openssl req -newkey rsa:4096 -nodes -sha256 -keyout /root/certs/domain.key -x509 -days 365 -out /root/certs/domain.crt # 期间输入域名:internal.dockerhub.io -
复制认证到docker:
mkdir /etc/docker/certs.d/internal.dockerhub.io cp /root/certs/domain.crt /etc/docker/certs.d/internal.dockerhub.io/domain.crt -
启动仓库镜像
docker run -d --restart=always --name registry \ -v /root/docker/registry:/var/lib/registry \ -v /root/certs:/root/certs \ -v /root/auth:/root/auth \ -e REGISTRY_HTTP_ADDR=0.0.0.0:443 \ -e REGISTRY_HTTP_TLS_CERTIFICATE=/root/certs/domain.crt \ -e REGISTRY_HTTP_TLS_KEY=/root/certs/domain.key \ -p 443:443 registry -
修改主机映射
vi /etc/hosts 192.168.184.166 mydockerhub.com -
创建一个镜像
docker pull hello-world docker tag hello-world internal.dockerhub.io/hello-world docker push internal.dockerhub.io/hello-world docker rmi internal.dockerhub.io/hello-world docker pull internal.dockerhub.io/hello-world -
使用Rest API查看
curl -k --tlsv1 https://internal.dockerhub.io/v2/_catalog curl -k --tlsv1 -X GET https://internal.dockerhub.io/v2/hello-world/tags/list -
添加http basic authentication
htpasswd -Bbn testuser testpassword > /root/auth/htpasswd -
重启
docker run -d --restart=always --name registry \ -v /root/docker/registry:/var/lib/registry \ -v /root/certs:/root/certs \ -v /root/auth:/root/auth \ -e "REGISTRY_AUTH=htpasswd" \ -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \ -e "REGISTRY_AUTH_HTPASSWD_PATH=/root/auth/htpasswd" \ -e REGISTRY_HTTP_ADDR=0.0.0.0:443 \ -e REGISTRY_HTTP_TLS_CERTIFICATE=/root/certs/domain.crt \ -e REGISTRY_HTTP_TLS_KEY=/root/certs/domain.key \ -p 443:443 registry -
登录仓库
docker login internal.dockerhub.io username:testuser password:testpassword -
保存镜像
docker save -o registry.tar registry docker save -o hello-world.tar hello-world
