CentOS 7
Ads

Docker :Use Docker-Registry#2
2015/12/17
 
This is the settings for accessing to Registry Server with HTTPS.
This example shows to configure to use Apache httpd.
[1]
[2] Create a directory under the /etc/docker/certs.d on each Docker Node which name is just the one you specified for "Common Name" when creating certificates, and next, transfer "xxx.crt" file on Registry Server to the directory. Furthermore, if you created self signed certificates, Transfer "ca-bundle.crt", too.
[root@node01 ~]#
ll /etc/docker/certs.d/dlp.srv.world

total 268
-r--r--r-- 1 root root 266702 Dec 18 11:09 ca-bundle.crt
-rw-r--r-- 1 root root   1334 Dec 18 11:09 server.crt

[root@node01 ~]#
vi /etc/sysconfig/docker
# line 23: comment out

#
INSECURE_REGISTRY='--insecure-registry dlp.srv.world:5000'
[root@node01 ~]#
systemctl restart docker
[3]
[4]
[5] Configure httpd on Docker-Registry Server like follows.
[root@dlp ~]#
vi /etc/httpd/conf.d/docker-registry.conf
# create new

ProxyRequests off
ProxyPreserveHost on
ProxyPass / http://127.0.0.1:5000/
ProxyPassReverse / http://127.0.0.1:5000/
<Location />
    AuthType Basic
    AuthName "Basic Authentication"
    AuthUserFile /etc/httpd/conf/.htpasswd
    require valid-user
</Location>

[root@dlp ~]#
htpasswd -c /etc/httpd/conf/.htpasswd cent

New password:
Re-type new password:
Adding password for user cent
[root@dlp ~]#
systemctl restart httpd
[6] It's OK all. Access to Registry Server from any Docker Nodes with HTTPS.
# login with a user which is added by htpasswd

[root@node01 ~]#
docker login dlp.srv.world

Username:
cent

Password:
Email:
WARNING: login credentials saved in /root/.docker/config.json
Login Succeeded
[root@node01 ~]#
docker tag web_server dlp.srv.world/webserver

[root@node01 ~]#
docker push dlp.srv.world/webserver

[root@node01 ~]#
docker search dlp.srv.world/web

INDEX          NAME                                 DESCRIPTION   STARS     OFFICIAL   AUTOMATED
srv.world   dlp.srv.world/library/webserver                 0
 
Tweet