Docker : Docker-Registry (Authentication)2019/07/24 |
Configure Docker Private Registry which requires user authentication.
|
|
[1] |
On the Node which you run Registry Pod, Get SSL certificates, refer to here.
|
[2] | Install htpasswd command for adding users. |
root@dlp:~# apt -y install apache2-utils
|
[3] | Add any user you like. |
root@dlp:~# htpasswd -Bc /etc/docker/.htpasswd admin New password: Re-type new password: Adding password for user admin |
[4] | On this example, certificates are saved under [/etc/letsencrypt/live/(FQDN)] on Registry Node. Run Registry Pod with htpasswd file created above and certificates. |
root@dlp:~#
mkdir /etc/docker/certs.d root@dlp:~# cp /etc/letsencrypt/live/dlp.srv.world/fullchain.pem /etc/docker/certs.d/server.crt root@dlp:~# cp /etc/letsencrypt/live/dlp.srv.world/privkey.pem /etc/docker/certs.d/server.key
root@dlp:~# docker run -d -p 5000:5000 --restart=always --name registry \
-v /var/lib/registry:/var/lib/registry \
-v /etc/docker/certs.d:/certs \
-v /etc/docker:/auth \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/server.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/server.key \
-e REGISTRY_AUTH=htpasswd \
-e REGISTRY_AUTH_HTPASSWD_PATH=/auth/.htpasswd \
-e REGISTRY_AUTH_HTPASSWD_REALM="Registry Realm" \
registry:2
e2c22e4df789fed4a03a3eaf281d8e03d223afd2359531a85e2dd357ddfbde37root@dlp:~# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e2c22e4df789 registry:2 "/entrypoint.sh /etc…" 9 minutes ago Up 9 minutes 0.0.0.0:5000->5000/tcp registry |
[5] | That's OK to configure registry. Try to Push/Pull images from your Private Registry on any Docker nodes. |
# login with a user you added root@node01:~# docker login dlp.srv.world:5000 Username: admin Password: Login Succeeded docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest e445ab08b2be 9 hours ago 126MBroot@node01:~# docker tag nginx dlp.srv.world:5000/nginx root@node01:~# docker push dlp.srv.world:5000/nginx The push refers to repository [dlp.srv.world:5000/nginx] fe6a7a3b3f27: Pushed d0673244f7d4: Pushed d8a33133e477: Pushed latest: digest: sha256:dc85890ba9763fe38b178b337d4ccc802874afe3c02e6c98c304f65b08af958f size: 948root@node01:~# docker images REPOSITORY TAG IMAGE ID CREATED SIZE dlp.srv.world:5000/nginx latest e445ab08b2be 9 hours ago 126MB nginx latest e445ab08b2be 9 hours ago 126MB |
Sponsored Link |