Shulou(Shulou.com)05/31 Report--

This article introduces how to use Docker Enterprise Edition to build your own private registration server, the content is very detailed, interested friends can refer to, hope to be helpful to you.

Docker is really cool, especially compared to using a virtual machine, moving Docker images is very easy. If you are ready to use Docker, you must have pulled the full image from Docker Hub. Docker Hub is Docker's cloud registration server service, which contains thousands of Docker images to choose from. If you develop your own software package and create your own Docker image, you will want to have your own private registration server. If you have an image with a proprietary license, or if you want to provide a complex continuous integration (CI) process for your build system, you should have your own private registration server.

Docker Enterprise Edition includes Docker trusted Registration Server (Docker Trusted Registry) (DTR). This is a highly available registration server with secure image management capabilities, built to run on your own data center or cloud-based architecture. Next, we will learn that DTR is a key component of providing a secure, reusable, and continuous software supply chain. You can start using our free hosting sample immediately, or you can download and install it for a 30-day free trial. Here are the steps to start your own installation.

Configure Docker Enterprise Edition

DTR runs on top of the Universal Control Panel (UCP), so install a single-node cluster before you start. If you already have your own UCP cluster, you can skip this step. On your docker hosting host, run the following command:

# pull and install UCP docker run-it-rm-v / var/run/docker.sock:/var/run/docker.sock-name ucp docker/ucp:latest install

When UCP is up and running, there are a few more things you need to do before installing DTR. Open a browser for the UCP instance you just installed. There should be a link at the end of the log output. If you already have a license for Docker Enterprise Edition, enter it on this interface. If you don't already have it, you can visit the Docker store for a 30-day free trial.

After preparing the license, you may need to change the port on which UCP is running. Because this is a single-node cluster, DTR and UCP may run their web services on the same port. If you have a UCP cluster with more than one node, this is not a problem, because DTR will look for nodes that need free ports. In UCP, click "Administrator Settings-> Cluster configuration" and modify the controller port, such as 5443.

Install DTR

We are going to install a simple, single-node DTR instance. If you are installing DTR for actual production use, you will set it to HA mode, which means you need another storage medium, such as cloud-based object storage or NFS (LCTT Network File System). Because we are currently installing a single-node instance, we still use the default local storage.

First, we need to pull the bootstrap image of DTR. The boostrap image is a tiny stand-alone installer that includes all the containers, volumes, and logical networks needed to connect to UCP and to set up and start DTR.

Use the command:

# pull and run the DTR bootstrap docker run-it-rm docker/dtr:latest install-ucp-insecure-tls

Note: by default, both UCP and DTR have their own certificates and are not recognized by the system. If you have set up UCP with a TLS certificate trusted by the system, you can omit the-ucp-insecure-tls option. In addition, you can use the-ucp-ca option to specify the CA certificate of UCP directly.

The DTR bootstrap image will then let you determine several settings, such as the URL address of the UCP installation and the administrator's user name and password. It only takes one to two minutes from pulling all the DTR images to setting them up.

Keep everything safe.

When everything is ready, you can push or pull the image from the registration server. Before doing this, let's set up the TLS certificate to communicate securely with DTR.

On Linux, we can use the following command (just make sure that the DTR_HOSTNAME variable is changed to correctly map the DTR we just set):

# pull CA certificate from DTR (if curl is not available, you can use wget) DTR_HOSTNAME=

Curl-k https://$(DTR_HOSTNAME)/ca > $(DTR_HOSTNAME). Crt sudo mkdir / etc/docker/certs.d/$ (DTR_HOSTNAME) sudo cp $(DTR_HOSTNAME) / etc/docker/certs.d/$ (DTR_HOSTNAME) # restart the docker daemon (on Ubuntu 14.04, use the command `sudo service docker restart`) sudo systemctl restart docker

For Mac and Windows versions of Docker, we will install the client in different ways. Go to "Settings-> daemons" and enter your DTR hostname in the "unsafe Registration Server" section. Click "apply" and the docker daemon should work well after restarting.

Push and pull images

Now we need to set up a warehouse to store the images. This is a little different from Docker Hub, if your docker push repository does not exist, it will automatically create one. To create a repository, open https:// in a browser and log in with your administrator credentials when prompted. If you add a license to UCP, DTR will automatically obtain the license. If not, please confirm to upload your license now.

After entering the previous page, click the "New Warehouse" button to create a new warehouse.

We will create a repository for storing Alpine linux, so type "alpine" in the name input and click "Save" (called "create" in DTR 2.5 and later).

Now let's go back to the shell interface and enter the following command:

# pull the * version of Alpine Linux docker pull alpine:latest # Log in to the new DTR instance docker login # marked with Alpine to enable it to push to your DTR docker tag alpine:latest / admin/alpine:latest # push image docker push / admin/alpine:latest to DTR

okay! We just pushed a copy of * * Alpine Linux, re-tagged it to store it in DTR, and pushed it to our private registration server. If you want to pull the image to a different Docker engine, set your DTR certificate as shown above, and then execute the following command:

# pull image docker pull / admin/alpine:latest from DTR

DTR has many excellent mirror management functions, such as mirror caching, image, scanning, signing, and even automating supply chain policies.

On how to use Docker Enterprise Edition to build their own private registration server to share here, I hope the above content can be of some help to you, can learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.