Docker : Use Docker-Registry(SSL)
2015/12/17 |
Configure Docker Private Registry to push/pull Docker images from self private registry.
This is for the case you configure Registry with default HTTPS connection. |
|
[1] |
On Registry Server Node, Get SSL certificates, refer to here.
|
[2] | On this example, certificates are saved under [/etc/letsencrypt/live/(FQDN)] on Registry Node. Specify certificates and start Registry like follows. On the example below, images are saved under [/var/lib/registry] of the local filesystem. |
[root@dlp ~]# cp /etc/letsencrypt/live/dlp.srv.world/fullchain.pem /etc/docker/certs.d/server.crt [root@dlp ~]# cp /etc/letsencrypt/live/dlp.srv.world/privkey.pem /etc/docker/certs.d/server.key [root@dlp ~]# docker run -d -p 5000:5000 --restart=always --name registry \ -v /var/lib/registry:/var/lib/registry \ -v /etc/docker/certs.d:/certs \ -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/server.crt \ -e REGISTRY_HTTP_TLS_KEY=/certs/server.key \ registry:2 2: Pulling from docker.io/library/registry 81033e7c1d6a: Pull complete 6ff332201ab29c521fa70e54187d7677f9df1803550f8d61bcaff88f8c602e3b [root@dlp ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 6ff332201ab2 registry:2 "/entrypoint.sh /e..." 21 sec ago 18 seconds 0.0.0.0:5000->5000/tcp registry |
[3] | To push or pull from private registry on other Docker clients, do like follows. |
[root@node01 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/centos latest e934aafc2206 9 days ago 199 MB # set tag and push [root@node01 ~]# docker tag centos dlp.srv.world:5000/centos [root@node01 ~]# docker push dlp.srv.world:5000/centos The push refers to a repository [dlp.srv.world:5000/centos] 43e653f84b79: Layer already exists latest: digest: sha256:191c883e479a7da2362b2d54c0840b2e8981e5ab62e11ab925abf8808d3d5d44 size: 529 docker images REPOSITORY TAG IMAGE ID CREATED SIZE dlp.srv.world:5000/centos latest e934aafc2206 9 days ago 199 MB docker.io/centos latest e934aafc2206 9 days ago 199 MB # delete all images once to verify Pull [root@node01 ~]# docker rmi docker.io/centos [root@node01 ~]# docker rmi dlp.srv.world:5000/centos [root@node01 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE[root@node01 ~]# docker pull dlp.srv.world:5000/centos Using default tag: latest Trying to pull repository dlp.srv.world:5000/centos ... latest: Pulling from dlp.srv.world:5000/centos 469cfcc7a4b3: Pull complete Digest: sha256:191c883e479a7da2362b2d54c0840b2e8981e5ab62e11ab925abf8808d3d5d44 Status: Downloaded newer image for dlp.srv.world:5000/centos:latest [root@node01 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE dlp.srv.world:5000/centos latest e934aafc2206 9 days ago 199 MB |