docker 搭建私有仓库registry (多用户)
来源:互联网 发布:手机五线谱制作软件 编辑:程序博客网 时间:2024/05/29 16:41
Docker Registry v2 + Token Auth Server (Registry v2 认证)
环境:虚拟机中的centos
1,创建目录(基于/data/目录下)
auth_server/├── config│ └── auth_config.yml└── ssl ├── server.key └── server.pem2,创建证书:
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.pem3,cd /data/auth_server/config
vi auth_config.yml
server: # Server settings. # Address to listen on. addr: ":5001" # TLS certificate and key. certificate: "/ssl/server.pem" key: "/ssl/server.key"token: # Settings for the tokens. issuer: "Auth Service" # Must match issuer in the Registry config. expiration: 900# Static user map. users: # Password is specified as a BCrypt hash. Use htpasswd -B to generate. "admin": password: "$2y$05$B.x046DV3bvuwFgn0I42F.W/SbRU5fUoCbCGtjFl7S33aCUHNBxbq" "hussein": password: "$2y$05$xN3hNmNlBIYpST7UzqwK/O5T1/JyXDGuJgKJzf4XuILmvX7L5ensa" "": {} # Allow anonymous (no "docker login") access.acl: # Admin has full access to everything. - match: {account: "admin"} actions: ["*"] # User "test" has full access to ubuntu image but nothing else. - match: {account: "hussien", name: "ubuntu"} actions: ["*"] - match: {account: "test"} actions: [] # All logged in users can pull all images. - match: {account: "/.+/",name:"{$account}/*"} actions: ["pull"] # Anonymous users can pull "hello-world". - match: {account: "", name: "hello-world"} actions: ["pull"] # Access is denied by default.6,
docker run -d -p 5000:5000 \-e REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/var/lib/registry \-e REGISTRY_AUTH=token \-e REGISTRY_AUTH_TOKEN_REALM=https://registry.example.com:5001/auth \-e REGISTRY_AUTH_TOKEN_SERVICE="Docker registry" \-e REGISTRY_AUTH_TOKEN_ISSUER="Auth Service" \-e REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE=/ssl/server.pem \-v /root/auth_server/ssl:/ssl \-v /root/docker_registry/data:/var/lib/registry \--restart=always \--name registry registry:27,即可以用设置的账户登录进去,进行push和pull。
阅读全文
0 0
- docker 搭建私有仓库registry (多用户)
- docker基础:私有仓库repository搭建(1):registry
- 搭建 Docker 私有仓库 Registry-v2
- Docker私有仓库Registry的搭建验证
- Docker私有仓库Registry的搭建验证
- docker registry-v2 搭建私有仓库
- docker私有仓库registry的本地搭建
- docker registry V2私有仓库搭建
- 使用Docker Registry搭建Docker私有仓库-极简
- docker 搭建私有registry
- 搭建私有Docker Registry
- docker 私有仓库 registry 部署
- Docker私有仓库Registry使用
- Docker-构建私有仓库Registry
- 第6章 Docker私有仓库Registry的搭建验证
- docker registry带ssl认证的私有仓库搭建
- docker私有仓库搭建 使用Portus管理docker registry 私有仓库
- docker搭建私有仓库,(docker-toolbox)
- centos7 二进制安装mysql 5.7.16版本
- android跨线程通信eventbus
- 信号量dispatch_semaphore在iOS APP编程里的“应用”
- AndroidStudio 配置Kotlin
- acquireFence、releaseFence、retireFence
- docker 搭建私有仓库registry (多用户)
- 轻松理解依赖注入
- ArrayList和LinkedList性能比较
- arm bootloder最小启动
- [Unity&GameSparks]其他twitter用户怎么登录
- 面试问题你有什么问题
- 在Spring MVC中使用工具类调用Service层时,Service类为null如何解决
- 最大流问题预流推进算法(邻接表relabel_to_front)
- 爬虫入门讲解:基础理论篇