搭建docker私有倉庫(用戶認證、web管理)
阿新 • • 發佈:2018-09-30
docker倉庫 http equal rec pre art link spa code
ubuntu:16.04
docker:18.06.0-ce
docker倉庫服務器:192.168.83.102
--------------------------------------分割線--------------------------------------
1、生成私鑰和證書 mkdir conf
openssl req -new -newkey rsa:4096 -days 365 -subj "/CN=localhost" -nodes -x509 -keyout conf/auth.key -out conf/auth.cert
2、創建註冊表配置 vim conf/registry-srv.ym
version: 0.1 storage: filesystem: rootdirectory: /var/lib/registry http: addr: 0.0.0.0:5000 auth: token: # external url to docker-web authentication endpoint realm: http://192.168.83.102:8080/api/auth # should be same as registry.name of registry-web service: 192.168.83.102:5000 # should be same as registry.auth.issuer of registry-web issuer:‘my issuer‘ # path to auth certificate rootcertbundle: /etc/docker/registry/auth.cert
3、啟動容器服務registry-srv
docker run -v /data/registry:/var/lib/registry -v $(pwd)/conf/registry-srv.yml:/etc/docker/registry/config.yml:ro -v $(pwd)/conf/auth.cert:/etc/docker/registry/auth.cert:ro -p 5000:5000 --name=registry-srv --restart=always -d registry:2
4、創建配置文件vim conf/registry-web.yml
registry: # Docker registry url url: http://192.168.83.102:5000/v2 # Docker registry fqdn name: 192.168.83.102:5000 # To allow image delete, should be false readonly: false auth: # Enable authentication enabled: true # Token issuer # should equals to auth.token.issuer of docker registry issuer: ‘my issuer‘ # Private key for token signing # certificate used on auth.token.rootcertbundle should signed by this key key: /conf/auth.key
5、啟動容器服務registry-web
docker run -v $(pwd)/conf/registry-web.yml:/conf/config.yml:ro -v $(pwd)/conf/auth.key:/conf/auth.key -v $(pwd)/db:/data -d -p 8080:8080 --restart=always --link registry-srv --name=registry-web hyper/docker-registry-web
6、通過web訪問服務器地址http://192.168.83.102:8080
默認用戶密碼是admin/admin
搭建docker私有倉庫(用戶認證、web管理)