[Docker] Docker 私有仓库搭建教程(带用户验证)

1.  基础环境

     操作系统:CentOS/Redhat 7 x86-64

      Docker:1.12.6

2.  搭建步骤(服务器端)

2.1  下载 Registry 镜像

# docker pull registry:2.5
[Docker] Docker 私有仓库搭建教程(带用户验证)_第1张图片
2.2  生成 用户名/密码 访问密钥 (这里设置用户名 abc , 密码 abc123)

# mkdir -p /opt/registry-var/auth/
# docker run --entrypoint htpasswd registry:2.5 -Bbn abc abc123  >> /opt/registry-var/auth/htpasswd
2.3  设置配置文件,启用删除镜像功能(也可以不启用,看业务需要,修改 storage - delete - enable 为 false 即可)

# mkdir -p /opt/registry-var/config
# vim /opt/registry-var/config/config.yml
version: 0.1
log:
  fields:
    service: registry
storage:
  delete:
    enabled: true
  cache:
    blobdescriptor: inmemory
  filesystem:
    rootdirectory: /var/lib/registry
http:
  addr: :5000
  headers:
    X-Content-Type-Options: [nosniff]
health:
  storagedriver:
    enabled: true
    interval: 10s
threshold: 3
2.4  启动服务(这里将镜像路径映射到宿主机的 /opt/registry-var/ 文件夹下,可以根据需要修改)

# docker run -d -p 5000:5000 --restart=always  --name=registry\
  -v /opt/registry-var/config/:/etc/docker/registry/ \
  -v /opt/registry-var/auth/:/auth/ \
  -e "REGISTRY_AUTH=htpasswd" \
  -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
  -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
  -v /opt/registry-var/:/var/lib/registry/ \
registry:2.5
3.  使用步骤(客户端)

3.1  开启 http 形式访问私有仓库模式

# vim /etc/docker/daemon.json

# systemctl daemon-reload
# systemctl restart docker
3.2  上传镜像到私有仓库(以 ubuntu:14.04 为例)

# docker tag ubuntu:14.04 192.9.100.127:5000/ubuntu:14.04
# docker login 192.9.100.127:5000

# docker push 192.9.100.127:5000/ubuntu:14.04
[Docker] Docker 私有仓库搭建教程(带用户验证)_第2张图片
3.3  下载镜像

# docker pull 192.9.100.127:5000/ubuntu:14.04
4.  额外操作

4.1  查找私有仓库镜像

# curl -u abc:abc123  http://192.9.100.127:5000/v2/_catalog

# curl -u abc:abc123 http://192.9.100.127:5000/v2/ubuntu/tags/list

4.2  删除私有仓库镜像(不推荐)

       a.  仅删除镜像某个版本 (以ubuntu:14.04为例)

       a.1  首先拿到digest_hash 参数

# curl -u abc:abc123 --header "Accept: application/vnd.docker.distribution.manifest.v2+json" -I -X GET http://192.9.100.127:5000/v2/ubuntu/manifests/14.04

       a.2  删除镜像清单

# curl -u abc:abc123 -I -X DELETE http://192.9.100.127:5000/v2/ubuntu/manifests/sha256:2db86761fb24843ed0741646573e14aa4262daf6f78186e61cb0c2ae5d414a52

      a.3  清理文件系统

# docker exec registry bin/registry garbage-collect /etc/docker/registry/config.yml

        b  删除某镜像所有版本

# docker exec registry rm -rf /var/lib/registry/docker/registry/v2/repositories/ubuntu
# docker exec registry bin/registry garbage-collect /etc/docker/registry/config.yml
          删除后需要重启registry容器

          尽量不要删除镜像,以免损坏Layer,更新镜像直接上传覆盖即可





     

你可能感兴趣的:(容器技术)