Docker : Use Docker-Registry2019/07/24 |
Install Docker-Registry to build Private Registry for Docker images.
|
|
[1] |
On The Host which Docker-Registry Container runs, Get SSL Certificates, refer to here.
This example is based on the case that SSL certificates are gotten under the [/etc/letsencrypt/live/dlp.srv.world] and set the [Common Name] as [dlp.srv.world]. |
[2] | Copy to locate Certificates and pull Registry Image (v2). Container Images are located under [/var/lib/regstry] on Registry v2 Container, so map to mount [/var/lib/docker/registry] on parent Host for Registry Container to use as Persistent Storage. |
root@dlp:~#
root@dlp:~# mkdir -p /etc/docker/certs.d/dlp.srv.world:5000 root@dlp:~# cp -p /etc/letsencrypt/live/dlp.srv.world/cert.pem /etc/docker/certs.d/dlp.srv.world:5000/ca.crt
docker pull registry:2 root@dlp:~# mkdir /var/lib/docker/registry root@dlp:~# docker run -d -p 5000:5000 \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/fullchain.pem \ -e REGISTRY_HTTP_TLS_KEY=/certs/privkey.pem \ -v /etc/letsencrypt/live/dlp.srv.world:/certs \ -v /var/lib/docker/registry:/var/lib/registry \ registry:2 131143d2def7d089976ce6dd658bf9c4ccc4e43beff3f6932da4d9c81841a768root@dlp:~# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 131143d2def7 registry:2 "/entrypoint.sh /etc…" 11 seconds ago Up 10 seconds 0.0.0.0:5000->5000/tcp clever_williamson |
[3] | For pushing local Image to Registry Container server, set like follows. |
# list images on Registry container root@dlp:~# curl https://dlp.srv.world:5000/v2/_catalog {"repositories":[]} docker images REPOSITORY TAG IMAGE ID CREATED SIZE storage latest 51e28000b0fb 8 minutes ago 1.22MB web_server latest 42e95a62ed8e 25 minutes ago 300MB srv.world/debian_apache2 latest 4295df3e5c82 31 minutes ago 243MB busybox latest db8ee88ad75f 5 days ago 1.22MB debian latest 00bf7fdd8baf 2 weeks ago 114MB registry 2 f32a97de94e1 4 months ago 25.8MB # set a tag and push root@dlp:~# docker tag debian dlp.srv.world:5000/debian_reg root@dlp:~# docker push dlp.srv.world:5000/debian_reg The push refers to repository [dlp.srv.world:5000/debian_reg] ..... ..... 31b0e148310d: Pushed latest: digest: sha256:2ea543d7e388e3cee7be9d37ae93b1eab62a108716e64bb71f6fa93948967e73 size: 529root@dlp:~# docker images REPOSITORY TAG IMAGE ID CREATED SIZE storage latest 51e28000b0fb 10 minutes ago 1.22MB web_server latest 42e95a62ed8e 26 minutes ago 300MB srv.world/debian_apache2 latest 4295df3e5c82 32 minutes ago 243MB busybox latest db8ee88ad75f 5 days ago 1.22MB dlp.srv.world:5000/debian_reg latest 00bf7fdd8baf 2 weeks ago 114MB debian latest 00bf7fdd8baf 2 weeks ago 114MB registry 2 f32a97de94e1 4 months ago 25.8MBroot@dlp:~# curl https://dlp.srv.world:5000/v2/_catalog {"repositories":["debian_reg"]} |
[4] | For getting images from Registry Container server on a Docker node, set like follows. |
# get certificates from Registry Container root@node01:~# mkdir -p /etc/docker/certs.d/dlp.srv.world:5000 root@node01:~# cd /etc/docker/certs.d/dlp.srv.world:5000 root@node01:/etc/...5000# scp debian@dlp.srv.world:"/etc/docker/certs.d/dlp.srv.world:5000/ca.crt" ./
docker pull dlp.srv.world:5000/debian_reg Using default tag: latest latest: Pulling from debian_reg 5ae19949497e: Pull complete Digest: sha256:2ea543d7e388e3cee7be9d37ae93b1eab62a108716e64bb71f6fa93948967e73 Status: Downloaded newer image for dlp.srv.world:5000/debian_reg:latestroot@node01:~# docker images REPOSITORY TAG IMAGE ID CREATED SIZE dlp.srv.world:5000/debian_reg latest 00bf7fdd8baf 2 weeks ago 114MB |
Sponsored Link |