Shulou(Shulou.com)06/01 Report--

Centos6.7 how to build docker private warehouse, many novices are not very clear about this, in order to help you solve this problem, the following editor will explain for you in detail, people with this need can come to learn, I hope you can gain something.

1 the warehouse is configured with https authentication

Cd / etc/docker/

Mkdir certs

[root@docker01 docker] # openssl req-newkey rsa:4096-nodes-sha256-keyout certs/docker01.key-x509-days 365-out certs/docker01.crt

Just fill in the corresponding acronym and email

2 run the registry container

[root@docker01 docker] # docker run-d-P-it\

-p 5000UR 5000-- restart=always\

-- name registry-v `pwd` / certs:/etc/docker/certs/\

-e REGISTRY_HTTP_TLS_CERTIFICATE=/etc/docker/certs/docker01.crt\

-e REGISTRY_HTTP_TLS_KEY=/etc/docker/certs/docker01.key registry

3 configure client docker02

Mkdir-p / etc/docker/certs.d/docker01:5000

Scp docker01:/etc/docker/certs/docker01.crt / etc/docker/certs.d/docker01:5000/ca.crt

View Mirror

[root@docker02 docker] # docker images

REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE

Swarm latest 8eadaf3525b0 2 weeks ago 15.77 MB

Upload image

Docker tag swarm docker01:5000/swarm

[root@docker02 docker] # docker push docker01:5000/swarm

Docker01 also needs to configure a certificate to upload data, just like docker02

4. Authentication management

Delete the above registry containers, including the local files of the warehouse

Still operate under the / etc/docker directory

Mkdir auth

Docker run-- entrypoint htpasswd registry-Bbn bsoft bsoft > auth/htpasswd

[root@docker01 docker] # docker run-d-p 5000UR 5000-restart=always\

-- name registry-v `pwd` / certs:/etc/docker/certs/\

-v `pwd` / auth:/auth\

-e "REGISTRY_AUTH=htpasswd"\

-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm"\

-e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd\

-v `pwd` / data:/var/lib/registry\

-e REGISTRY_HTTP_TLS_CERTIFICATE=/etc/docker/certs/docker01.crt\

-e REGISTRY_HTTP_TLS_KEY=/etc/docker/certs/docker01.key\

Registry

After startup, push,push needs not only a certificate but also a user, password and mailbox, while pull only needs a certificate.

Note that you need to bring the version number when you pull, but you can't see the version number when you check the curl.

Curl View:

Curl-cacert / etc/docker/certs/docker01.crt-basic-user bsoft:bsoft https://docker01:5000/v2/_catalog

Curl-cacert / etc/docker/certs.d/docker01:5000/ca.crt-basic-user bsoft:bsoft https://docker01:5000/v2/_catalog

Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.