zoukankan      html  css  js  c++  java
  • Deploying docker registry v2

    生成证书

    openssl genrsa -out mydomain.key 2048

    生成秘钥
    openssl req -newkey rsa:4096 -nodes -sha256 -keyout mydomain.key -x509 -days 365 -out mydomain.crt
    将生成的秘钥放置在所有将要pull镜像的docker服务器的目录/etc/docker/certs.d/mydomain/下
    scp
    mydomain.crt xxx@xxx:/etc/docker/certs.d/mydomain/
    注意:放置好秘钥文件后记得重启所在机器的docker-daemin

    生成账户密码文件
    docker run --entrypoint htpasswd registry:2.2 -Bbn tester 123456 > auth/htpasswd;

    运行registry
    docker run -d -p 6000:5000 --restart=always --name registry 
      -v `pwd`/auth:/auth 
      -e "REGISTRY_AUTH=htpasswd" 
      -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" 
      -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd 
      -v `pwd`/certs:/certs 
      -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/mydomain.crt 
      -e REGISTRY_HTTP_TLS_KEY=/certs/mydomain.key 
      registry:2.5.1
    登陆 docker login xxx:6000


    参考
    https://docs.docker.com/registry/insecure/#using-self-signed-certificates
    https://docs.docker.com/registry/deploying/#running-a-domain-registry
    http://www.cnblogs.com/modprobe/p/6026033.html



  • 相关阅读:
    Beta 冲刺day 6
    Beta冲刺day5
    Beta冲刺day4
    Beta 冲刺day3
    Beta 冲刺day2
    Beta冲刺day1
    Beta预备
    城市安全风险管理项目Postmortem结果
    项目总结
    Alpha冲刺置顶随笔
  • 原文地址:https://www.cnblogs.com/xuchenCN/p/6739916.html
Copyright © 2011-2022 走看看