Pull the registry image
docker pull registry
Run the registry
docker run -d -p 5000:5000 --restart=always --name registry registry
Push an image
- docker tag nginx:latest localhost:5000/nginx:latest
- docker push localhost:5000/nginx
- curl localhost:5000/v2/_catalog
- docker pull localhost:5000/nginx
- yum install -y openssl11-libs-1.1.1k-2.el7.x86_64.rpm openssl11-1.1.1k-2.el7.x86_64.rpm
- vim /etc/hosts
- mkdir certs
- openssl11 req -newkey rsa:4096 -nodes -sha256 -keyout certs/westos.org.key -addext "subjectAltName = DNS:reg.westos.org" -x509 -days 365 -out certs/westos.org.crt
- docker run -d -p 443:443 --restart=always --name registry -v /opt/registry:/var/lib/registry -v /root/certs:/certs -e REGISTRY_HTTP_ADDR=0.0.0.0:443 -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/westos.org.crt -e REGISTRY_HTTP_TLS_KEY=/certs/westos.org.key registry
- docker ps
Deploy the certificate on the client, otherwise an error is reported
- docker tag nginx:latest reg.westos.org/nginx:latest
- docker push reg.westos.org/nginx:latest
- mkdir -p /etc/docker/certs.d/reg.westos.org/
- cp /root/certs/westos.org.crt /etc/docker/certs.d/reg.westos.org/ca.crt
- docker push reg.westos.org/nginx:latest
- curl -k https://reg.westos.org/v2/_catalog
- yum install -y httpd-tools
- mkdir auth
- htpasswd -Bc auth/htpasswd admin
- htpasswd -B auth/htpasswd yyl
- cat auth/htpasswd
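An added check, not part of the original page: the registry's htpasswd backend only accepts bcrypt entries, so this POSIX shell function audits the auth/htpasswd file created above before it is mounted into the container. The names audit_htpasswd and sample_htpasswd, the sample entries and the default minimum cost of 10 are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not part of the original page.
# Usage: audit_htpasswd [MIN_COST] < auth/htpasswd
# Prints one finding per line; returns 0 if the file is clean, 1 otherwise.
# MIN_COST defaults to 10, a threshold assumed for this example.
audit_htpasswd() {
    min_cost=${1:-10} seen=: bad=0 n=0
    while IFS=: read -r user hash _ || [ -n "$user" ]; do
        n=$((n + 1))
        case $user in ''|'#'*) continue ;; esac        # blank line or comment
        case $seen in
            *":$user:"*) echo "line $n: duplicate user $user"; bad=1 ;;
        esac
        seen="$seen$user:"
        # A bcrypt entry is "$2y$NN$" (7 characters) followed by 53 characters.
        case $hash in
            '$2'[aby]'$'[0-9][0-9]'$'*) body=${hash#???????} ;;
            *) body= ;;
        esac
        case $body in *[!./A-Za-z0-9]*) body= ;; esac   # bcrypt alphabet only
        if [ "${#body}" -ne 53 ]; then
            echo "line $n: user $user: not a bcrypt hash (was -B used?)"; bad=1
            continue
        fi
        # Keep only the two cost digits, then drop a leading zero.
        cost=${hash#????}; cost=${cost%"${cost#??}"}; cost=${cost#0}
        if [ "$cost" -lt "$min_cost" ]; then
            echo "line $n: user $user: bcrypt cost $cost below $min_cost"; bad=1
        fi
    done
    return "$bad"
}

# Constructed sample entries; the hash bodies are filler, not real hashes.
B=abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0
sample_htpasswd() {
    printf '%s\n' "admin:\$2y\$12\$$B" "yyl:\$2y\$05\$$B" \
        'ci:$apr1$constructed$filler' "admin:\$2y\$12\$$B"
}
sample_htpasswd | audit_htpasswd 10 || echo "htpasswd audit found problems"
```

htpasswd -B writes cost 5 unless a higher value is given with -C, so entries created with the commands above are reported at the default threshold.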
Remove the registry and recreate it
- docker rm -f registry
- docker run -d -p 443:443 --restart=always --name registry -v /opt/registry:/var/lib/registry -v /root/certs:/certs -e REGISTRY_HTTP_ADDR=0.0.0.0:443 -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/westos.org.crt -e REGISTRY_HTTP_TLS_KEY=/certs/westos.org.key -v /root/auth:/auth -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd registry
- docker login reg.westos.org
- cat .docker/config.json
Verify
- docker tag busybox:latest reg.westos.org/busybox:latest
- docker push reg.westos.org/busybox:latest
- curl -k https://reg.westos.org/v2/_catalog -u admin:westos
On server2, remove the insecure-registry setting
- mv daemon.json /mnt/
- systemctl restart docker
Add the hosts entry and copy the certificate
- vim /etc/hosts
- cd /etc/docker/
- scp -r certs.d/ k8s1:/etc/docker/
Log in to the remote registry
- docker login reg.westos.org
- docker pull reg.westos.org/busybox
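Common Harbor commands
- docker-compose ps  # show the status of each Harbor component service
- docker-compose down  # stop the Harbor services
- docker-compose up -d  # start Harbor
Remove the previously deployed registry, otherwise it will conflict; copy the certificates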
- docker rm -f registry
- tar zxf harbor-offline-installer-v2.5.0.tgz
- cd harbor/
- cp harbor.yml.tmpl harbor.yml
- vim harbor.yml
- mkdir /data
- cp -r certs /data
Install docker-compose and deploy Harbor
- mv docker-compose-linux-x86_64-v2.22.0 /usr/local/bin/docker-compose
- chmod +x /usr/local/bin/docker-compose
- cd harbor/
- ./install.sh
Log in to the registry with a browser. Username: admin; the password is 123456, as set in the configuration file above
Push images; first run docker login reg.westos.org
- docker login reg.westos.org
- docker tag busybox:latest reg.westos.org/library/busybox:latest
- docker tag nginx:latest reg.westos.org/library/nginx:latest
- docker push reg.westos.org/library/nginx:latest
- docker push reg.westos.org/library/busybox:latest
Configure the default registry
- vim /etc/docker/daemon.json
- systemctl restart docker
- docker pull nginx
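Public repositories support anonymous pulls
Create a private repository
Create a new user
Authorize the user to maintain the private repository
Pushing to and pulling from a private repository both require authentication, and the registry domain name must be specified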
- docker tag yakexi007/game2048:latest reg.westos.org/westos/game2048:latest
- docker push reg.westos.org/westos/game2048:latest
- docker login reg.westos.org
- docker pull reg.westos.org/westos/game2048:latest