docker私有镜像仓库搭建

1、下载registry镜像

docker pull registry:2.5

2、生成登录私有仓库的用户名以及密码

mkdir -p /opt/registry/auth/
docker run --entrypoint htpasswd registry:2.5 -Bbn username userpwd  >> /opt/registry/auth/htpasswd

3、创建配置文件

mkdir -p /opt/registry/config
vim /opt/registry/config/config.yml

##config.yml文件配置
version: 0.1
log:
  fields:
    service: registry
storage:
  delete:
    enabled: true    //打开删除功能
  cache:
    blobdescriptor: inmemory
  filesystem:
    rootdirectory: /var/lib/registry
http:
  addr: :5000
  headers:
    X-Content-Type-Options: [nosniff]
health:
  storagedriver:
    enabled: true
    interval: 10s
threshold: 3

4、启动仓库容器

docker run -d -p 5000:5000 --restart=always  --name=myregistry\
  -v /opt/registry/config/:/etc/docker/registry/ \
  -v /opt/registry/auth/:/auth/ \
  -e "REGISTRY_AUTH=htpasswd" \
  -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
  -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
  -v /opt/registry/:/var/lib/registry/ \
registry:2.5

使用5000端口，需要打开服务器的该端口号

5、允许远程访问、下载、推送镜像文件到私有仓库

vim /etc/docker/daemon.json

{
        ……
        "insecure-registries": ["**.**.**.***:5000"]
}

保存后重启docker,否则不生效

systemctl daemon-reload
systemctl restart docker

以上完成私有仓库配置，检查是否能成功登录

curl -u username:userpwd http://**.**.**.***:5000/v2/_catalog

展示

{"repositories":[]}    //说明私有仓库配置成功

6、问题总结

//运行
docker run --entrypoint htpasswd registry:latest -Bbn username userpwd  >> /opt/registry/auth/htpasswd
//出现问题
docker: Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "htpasswd": executable file not found in $PATH: unknown.

原因是使用的registry镜像版本是不固定的【latest】引起的， 所以在执行的时候，下载的registry镜像文件要固定到某一具体版本，例如：registry:2.7.0