Shulou(Shulou.com)06/02 Report--

In this issue, the editor will bring you about how to build a private warehouse of docker registry. The article is rich in content and analyzes and narrates it from a professional point of view. I hope you can get something after reading this article.

Abstract

As docker uses more and more images, you need to have a place to keep the images, which is the repository. At present, there are two commonly used warehouses: public warehouse and private warehouse. The most convenient thing is to use the public warehouse to upload and download. You don't need to register to download the image of the public warehouse, but you need to register when uploading. Registry and Harbor are the most commonly used private repositories, so how to build registry private repositories is described in detail.

I. Environmental preparation

Two CentOS7.4, one for Docker private warehouse and the other for Docker client.

II. Configure the registry private warehouse # echo "net.ipv4.ip_forward = 1" > > / etc/sysctl.conf sysctl-p net.ipv4.ip_forward = 1 vim / etc/docker/daemon.json {"registry-mirrors": ["https://6kx4zyno.mirror.aliyuncs.com"]} systemctl reload docker docker search registry docker pull registry docker run-d-p 5000Ranger 5000-- name registry--restart=always-v / opt/registry:/var/lib/registry registry docker ps docker images" Vim / etc/docker/daemon.json {"registry-mirrors": ["https://6kx4zyno.mirror.aliyuncs.com"]," "insecure-registries": ["192.168.100.10 insecure-registries 5000"]} systemctl reload docker docker info

3. Upload and download image # tag image docker tag mysql 192.168.25.140:5000/mysql # uploaded image docker push 192.168.25.140:5000/mysql vim / etc/docker/daemon.json {"registry-mirrors": ["https://6kx4zyno.mirror.aliyuncs.com"],"insecure-registries":["192.168.100.10:5000"]} systemctl restart docker docker pull 192.168.25.140:5000/mysql docker images"

Configure registry to load authentication

However, there is a problem. If this is also deployed, all personnel within the enterprise can access our private warehouse. For security, add an authentication for registry. Only after authentication can you upload or download images in the private repository.

Yum-y install httpd-tools mkdir / opt/registry-auth htpasswd-Bbn bob pwd@123 > / opt/registry-auth/htpasswd docker run-d-p 5000 opt/registry-auth/:/auth/ 5000-- restart=always\-v / opt/registry-auth/:/auth/\-v / opt/registry:/var/lib/registry-- name registry-auth-e "REGISTRY_AUTH=htpasswd"\-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm"\-e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" registry docker Tag tomcat:latest 192.168.100.10:5000/image/tomcat:1.0 docker push 192.168.100.10:5000/image/tomcat:1.0 no basic auth credentials docker login 192.168.100.10 Username 5000 Username: bob Password: docker push 192.168.100.10:5000/image/tomcat:1.0 docker pull 192.168.100.10:5000/image/tomcat:1.0 Error response from daemon: Get http://192.168.100. 10:5000/v2/image/tomcat/manifests/1.0: no basic auth credentials docker login 192.168.100.10 Username 5000 Username: bob Password: docker pull 192.168.100.10:5000/image/tomcat:1.0 docker images V, Query and delete docker registry private warehouse

Modify tag (take hello-world as an example)

Pull the image docker pull hello-world to modify the image docker tag hello-world hub.test.com:5000/hello-world:1.0 to upload, delete, and download the image. After deletion, you can download the docker images docker push hub.test.com:5000/hello-world:1.0 docker rmi hub.test.com:5000/hello-world:1.0 docker images docker pull hub.test.com:5000/hello-world:1.0 docker images successfully.

View the repository image

Curl hub.test.com:5000/v2/_catalog

Registry enables deletion

# View default configuration docker exec-it registry sh-c 'cat / etc/docker/registry/config.yml'# enable deletion (add delete: enabled: true) docker exec-it registry sh-c "sed-I' / storage:/a\ delete:' / etc/docker/registry/config.yml" docker exec-it registry sh-c "sed-I'/ delete:/a\ enabled: true' / etc/docker/registry/config.yml" # restart docker restart registry

Query and delete images

# query image curl / v2/_catalog # query image tag (version) curl / v2//tags/list # Delete image APIcurl-I-X DELETE "/ v2//manifests/" # get image digest_hashcurl / v2//manifests/\-- header "Accept: application/vnd.docker.distribution.manifest.v2+json" the above is shared by the editor on how to build a docker registry private repository, if you happen to have similar doubts It may be understood with reference to the above analysis. If you want to know more about it, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.