搭建私有Docker Registry和Browser管理
126
2024-06-28
1.安装registry
registry的yaml脚本
docker-registry:
image: "registry:2.8.3"
container_name: docker-registry
volumes:
- /usr/share/zoneinfo/Asia/Shanghai:/etc/localtime
# 仓库映射
- /data/docker/registry/data:/var/lib/registry
# 登录密钥映射
- /data/docker/registry/auth:/auth
# 配置映射
- /data/docker/registry/config.yml:/etc/docker/registry/config.yml
environment:
REGISTRY_AUTH: htpasswd
REGISTRY_AUTH_HTPASSWD_REALM: "Registry Realm"
REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd
networks:
- backend
restart: always
config.yml配置文件
version: 0.1
log:
fields:
service: registry
storage:
delete:
enabled: true
cache:
blobdescriptor: inmemory
filesystem:
rootdirectory: /var/lib/registry
http:
addr: :5000
headers:
X-Content-Type-Options: [nosniff]
health:
storagedriver:
enabled: true
interval: 10s
threshold: 3
2.生成登录密钥
注意:账号密码按照自己需求自行修改
docker run --rm httpd:2.4 htpasswd -Bbn root 123456 > /data/docker/registry/auth/htpasswd
3.安装docker-registry-browser
生成一个密钥
openssl rand -hex 64
docker-registry-browser的yaml脚本
docker-registry-browser:
image: "klausmeyer/docker-registry-browser:1.7.2"
container_name: docker-registry-browser
volumes:
- /usr/share/zoneinfo/Asia/Shanghai:/etc/localtime
environment:
SECRET_KEY_BASE: 5018c5a5a5f8791f4e5c7a488acd6cj59453e20d62ad9dba804b57eaf58ac70f7408e176b7dfa0dbc969c33e9ae90520eb7951ae7c16d9f0ce45136360e11ee6
DOCKER_REGISTRY_URL: http://docker-registry:5000
NO_SSL_VERIFICATION: true
TOKEN_AUTH_USER: root
TOKEN_AUTH_PASSWORD: 123456
SCRIPT_NAME: "/browser"
RAILS_RELATIVE_URL_ROOT: "/browser"
ENABLE_DELETE_IMAGES: true
networks:
- backend
restart: always
4.配置nginx代理
nginx的server代理配置
location /browser/ {
proxy_pass http://docker-registry-browser:8080/;
proxy_set_header Host $host;
proxy_set_header Origin $scheme://$host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Host $host;
}
location /v2/ {
proxy_pass http://docker-registry:5000;
proxy_set_header Host $host;
proxy_set_header Origin $scheme://$host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Host $host;
}
UI效果
5.推送镜像
登录账号
docker login <domain:port>
给镜像打标签
docker tag <old_container>:<old_tag> <domain:port>/<container>:<tag>
例如:
docker tag mysql:8.0.28 hub.docker.com/mysql:8.0.28
推送镜像
docker push <domain:port>/<container>:<tag>
例如:
docker push hub.docker.com/mysql:8.0.28
- 1
- 0
-
分享