安装 Docker Engine
Install
Docker Engine on CentOS
1
2
3
4
5
6
7
8
9
10
| sudo yum install -y yum-utils
sudo yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install -y docker-ce docker-ce-cli containerd.io
sudo systemctl start docker
sudo docker run hello-world
sudo systemctl enable docker.service
sudo systemctl enable containerd.service
|
Registry
as a pull through cache
1
2
3
4
5
6
7
8
9
10
| cat <<EOF > /etc/docker/daemon.json
{
"registry-mirrors": [
"https://mirror.ccs.tencentyun.com"
]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker.service
|
注册域名
申请 SSL 证书
FreeSSL.cn
运行 Registry Server
Deploy a
registry server
1
2
3
4
5
6
7
| mkdir auth
docker run \
--entrypoint htpasswd \
httpd:2 -Bbn testuser testpassword > auth/htpasswd
mkdir certs
|
1
2
3
4
5
6
7
8
9
10
11
12
13
| docker run -d \
-p 5000:5000 \
--restart=always \
--name registry-srv \
-v "$(pwd)"/auth:/auth \
-e "REGISTRY_AUTH=htpasswd" \
-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
-e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
-v "$(pwd)"/certs:/certs \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
-v /mnt/registry:/var/lib/registry \
registry:2
|
拷贝镜像到 Registry Server
1
2
3
4
5
6
7
|
docker pull busybox:latest
docker tag busybox:latest <domain>:5000/busybox:latest
docker login <domain>:5000
docker push <domain>:5000/busybox:latest
curl https://testuser:testpassword@<domain>:5000/v2/busybox/tags/list
|
运行 Registry UI
docker-registry-frontend
1
2
3
4
5
6
7
8
9
10
11
12
13
| docker run -d \
--name registry-web \
--link registry-srv:registry \
-e ENV_USE_SSL=yes \
-e ENV_DOCKER_REGISTRY_HOST=registry \
-e ENV_DOCKER_REGISTRY_PORT=5000 \
-e ENV_DOCKER_REGISTRY_USE_SSL=1 \
-v "$(pwd)"/certs/domain.crt:/etc/apache2/server.crt:ro \
-v "$(pwd)"/certs/domain.key:/etc/apache2/server.key:ro \
-p 8000:443 \
-p 0:80 \
konradkleine/docker-registry-frontend:v2
|
添加防火墙规则
| 0.0.0.0/0 |
TCP |
5000 |
| 0.0.0.0/0 |
TCP |
8000 |