docker 搭建私有仓库registry (多用户)
2017-06-15 16:13
856 查看
Docker Registry v2 + Token Auth Server (Registry v2 认证)
环境:虚拟机中的centos
1,创建目录(基于/data/目录下)
2,创建证书:
3,cd /data/auth_server/config
vi auth_config.yml
6,
7,即可以用设置的账户登录进去,进行push和pull。
环境:虚拟机中的centos
1,创建目录(基于/data/目录下)
auth_server/ ├── config │ └── auth_config.yml └── ssl ├── server.key └── server.pem
2,创建证书:
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.pem
3,cd /data/auth_server/config
vi auth_config.yml
server: # Server settings. # Address to listen on. addr: ":5001" # TLS certificate and key. certificate: "/ssl/server.pem" key: "/ssl/server.key" token: # Settings for the tokens. issuer: "Auth Service" # Must match issuer in the Registry config. expiration: 900 # Static user map. users: # Password is specified as a BCrypt hash. Use htpasswd -B to generate. "admin": password: "$2y$05$B.x046DV3bvuwFgn0I42F.W/SbRU5fUoCbCGtjFl7S33aCUHNBxbq" "hussein": password: "$2y$05$xN3hNmNlBIYpST7UzqwK/O5T1/JyXDGuJgKJzf4XuILmvX7L5ensa" "": {} # Allow anonymous (no "docker login") access. acl: # Admin has full access to everything. - match: {account: "admin"} actions: ["*"] # User "test" has full access to ubuntu image but nothing else. - match: {account: "hussien", name: "ubuntu"} actions: ["*"] - match: {account: "test"} actions: [] # All logged in users can pull all images. - match: {account: "/.+/",name:"{$account}/*"} actions: ["pull"] # Anonymous users can pull "hello-world". - match: {account: "", name: "hello-world"} actions: ["pull"] # Access is denied by default.
6,
docker run -d -p 5000:5000 \ -e REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/var/lib/registry \ -e REGISTRY_AUTH=token \ -e REGISTRY_AUTH_TOKEN_REALM=https://registry.example.com:5001/auth \ -e REGISTRY_AUTH_TOKEN_SERVICE="Docker registry" \ -e REGISTRY_AUTH_TOKEN_ISSUER="Auth Service" \ -e REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE=/ssl/server.pem \ -v /root/auth_server/ssl:/ssl \ -v /root/docker_registry/data:/var/lib/registry \ --restart=always \ --name registry registry:2
7,即可以用设置的账户登录进去,进行push和pull。
相关文章推荐
- Docker私有仓库Registry的搭建验证
- 基于Docker搭建Registry私有镜像仓库
- docker学习笔记(二)——本地私有仓库Registry的搭建与验证
- Docker私有仓库Registry搭建(localhost 可行但跨主机有问题)
- docker registry V2私有仓库搭建
- Docker Registry 私有仓库搭建详细步骤
- Docker--------registry私有仓库搭建 [ Http ]
- docker私有仓库registry的本地搭建
- Docker--------Harbor registry私有仓库搭建 [ Http ]
- Ubuntu Docker Registry 搭建私有仓库
- Docker私有仓库Registry 搭建
- Docker私有仓库Registry的搭建验证
- docker-registry 搭建私有仓库服务器
- 使用官方 docker registry 搭建私有镜像仓库及部署 web ui
- 详解Docker私有仓库Registry的搭建验证
- docker registry-v2 搭建私有仓库
- 搭建 Docker 私有仓库 Registry-v2
- docker基础:私有仓库repository搭建(1):registry
- docker私有仓库搭建 使用Portus管理docker registry 私有仓库
- Docker私有仓库Registry及Auth-server认证搭建