搭建基于SSL认证的Docker Registry
来源:互联网 发布:ps制作淘宝详情页模板 编辑:程序博客网 时间:2024/06/07 02:37
Docker Registry
生成SSL证书
$ openssl req -newkey rsa:4096 -nodes -sha256 -keyout alleyz.key -x509 -days 365 -out alleyz.crt
Generating a 4096 bit RSA private key............................................................................................................................................................................................++......................................................................................++writing new private key to 'alleyz.key'-----You are about to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name or a DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value,If you enter '.', the field will be left blank.-----Country Name (2 letter code) [XX]:86State or Province Name (full name) []:BeijingLocality Name (eg, city) [Default City]:BeijingOrganization Name (eg, company) [Default Company Ltd]:1233Organizational Unit Name (eg, section) []:1233Common Name (eg, your name or your server's hostname) []:alleyz.com
启动Register容器
$ sudo docker run -d -p 5000:5000 --restart=always --name registry \ -v /home/docker-registry/config/config.yml:/etc/docker/registry/config.yml \ -v /home/docker-registry/repo:/var/lib/registry \ -v /home/docker-registry/certs:/certs \ -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/alleyz.crt \ -e REGISTRY_HTTP_TLS_KEY=/certs/alleyz.key \ registry
访问配置
- 配置HOST
echo "10.8.177.28 alleyz.com" >> /etc/hosts
- 下发证书
其他需要访问的节点也需要这个操作
mkdir -p /etc/docker/certs.d/alleyz.com\:5000cp alleyz.crt /etc/docker/certs.d/alleyz.com\:5000
验证
- 找一镜像进行tag
# docker tag alleyj/pause-amd64:3.0 alleyz.com:5000/kubernetets/pause-amd64:3.0
- 推送至仓库
# docker push alleyz.com:5000/kubernetets/pause-amd64The push refers to a repository [alleyz.com:5000/kubernetets/pause-amd64]5f70bf18a086: Pushed 41ff149e94f2: Pushed 3.0: digest: sha256:a09bb715971a53b59980eefadcb2d82d44607916b73a4aa160bc53ced390627c size: 939
- 去其他机器pull
docker pull alleyz.com:5000/kubernetets/pause-amd64:3.03.0: Pulling from kubernetets/pause-amd64a3ed95caeb02: Pull complete d7968197c95c: Pull complete Digest: sha256:a09bb715971a53b59980eefadcb2d82d44607916b73a4aa160bc53ced390627cStatus: Downloaded newer image for alleyz.com:5000/kubernetets/pause-amd64:3.0
阅读全文
0 0
- 搭建基于SSL认证的Docker Registry
- docker registry带ssl认证的私有仓库搭建
- docker搭建registry(对于认证的个人用户)
- docker registry v2 ssl 环境搭建
- Docker-搭建Docker Registry
- docker registry 搭建流程(含CA认证)
- 搭建自己的docker registry仓库
- 关于Docker Registry v2的搭建
- 关于Docker Registry v2的搭建
- 搭建一个私有的Docker registry
- 关于Docker Registry v2的搭建
- Docker私有仓库Registry的搭建验证
- Docker私有仓库Registry的搭建验证
- docker私有仓库registry的本地搭建
- 搭建本地测试的Docker Registry
- 关于Docker Registry v2的搭建
- Docker私服Registry搭建
- docker 搭建私有registry
- docker下启动jenkins命令
- 织梦dedecms模板文件不存在 无法解析文档
- B
- 7分钟学会系列之ssh免密码登陆
- Adobe Acrobat reader 鼠标指针变成黑色方块的解决方案
- 搭建基于SSL认证的Docker Registry
- 2进制变十进制
- HTML CSS基础详解1
- 111
- YARN伪分布式安装
- dede织梦上传图片出现Upload filetype not allow!情况怎么解决
- 算法 排序乐园 堆与堆排序
- DEDECMS后台不能修改内容权重解决办法
- 我的博客目录