搭建docker私有仓库(用户认证web管理)

Posted error_logs

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了搭建docker私有仓库(用户认证web管理)相关的知识,希望对你有一定的参考价值。

ubuntu:16.04

docker:18.06.0-ce

docker仓库服务器:192.168.83.102

--------------------------------------分割线--------------------------------------

1、生成私钥和证书  mkdir conf

openssl req -new -newkey rsa:4096 -days 365 -subj "/CN=localhost"         -nodes -x509 -keyout conf/auth.key -out conf/auth.cert

2、创建注册表配置 vim conf/registry-srv.ym

version: 0.1    

storage:
  filesystem:
    rootdirectory: /var/lib/registry
    
http:
  addr: 0.0.0.0:5000   
    
auth:
  token:
    # external url to docker-web authentication endpoint
    realm: http://192.168.83.102:8080/api/auth
    # should be same as registry.name of registry-web
    service: 192.168.83.102:5000
    # should be same as registry.auth.issuer of registry-web
    issuer: ‘my issuer‘
    # path to auth certificate
    rootcertbundle: /etc/docker/registry/auth.cert

 

3、启动容器服务registry-srv

docker run     -v /data/registry:/var/lib/registry     -v $(pwd)/conf/registry-srv.yml:/etc/docker/registry/config.yml:ro     -v $(pwd)/conf/auth.cert:/etc/docker/registry/auth.cert:ro     -p 5000:5000  --name=registry-srv --restart=always -d registry:2

4、创建配置文件vim conf/registry-web.yml

registry:
  # Docker registry url
  url: http://192.168.83.102:5000/v2
  # Docker registry fqdn
  name: 192.168.83.102:5000
  # To allow image delete, should be false
  readonly: false
  auth:
    # Enable authentication
    enabled: true
    # Token issuer
    # should equals to auth.token.issuer of docker registry
    issuer: ‘my issuer‘
    # Private key for token signing
    # certificate used on auth.token.rootcertbundle should signed by this key
    key: /conf/auth.key

5、启动容器服务registry-web

docker run -v $(pwd)/conf/registry-web.yml:/conf/config.yml:ro            -v $(pwd)/conf/auth.key:/conf/auth.key -v $(pwd)/db:/data            -d -p 8080:8080 --restart=always --link registry-srv --name=registry-web hyper/docker-registry-web

6、通过web访问服务器地址http://192.168.83.102:8080

  默认用户密码是admin/admin

以上是关于搭建docker私有仓库(用户认证web管理)的主要内容,如果未能解决你的问题,请参考以下文章

Docker搭建带有访问认证的私有仓库

Docker私有仓库Registry认证搭建

Docker安装私有仓库,用户认证(Registry)

可能是最详细的部署:Docker Registry企业级私有镜像仓库Harbor管理WEB UI

Docker 私有仓库 Harbor registry 安全认证搭建 [Https]

Docker Registry Server 搭建,配置免费HTTPS证书,及拥有权限认证TLS 的私有仓库