docker镜像仓库

---

一、私有镜像仓库

在真机里面开启地址伪装功能
然后

docker pull registry
docker images registry

docker inspect registry:latest
docker run -d --name registry -v /opt/registry:/var/lib/registry -p 5000:5000 registry
docker ps

netstat -antlp
docker tag rhel7:v5 localhost:5000/rhel7:v5
docker push localhost:5000/rhel7

ls /opt/registry/
docker run -d --name registry -v /opt/registry:/var/lib/registry -p 5000:5000 registry
docker rm -f registry
curl localhost:5000/v2/_catalog

docker images
curl localhost:5000/v2/rhel7/tags/list
cd …

mkdir -p certs
openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/westos.org.key -x509 -days 365 -out certs/westos.org.crt
ls certs/

docker rm -f registry

docker run -d --name registry -v /opt/registry:/var/lib/registry -p 443:443 -v  "$(pwd)"/certs:/certs -e REGISTRY_HTTP_ADDR=0.0.0.0:443 -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/westos.org.crt -e REGISTRY_HTTP_TLS_KEY=/certs/westos.org.key registry
docker port registry

添加认证

yum install httpd-tools
mkdir auth
htpasswd -Bc auth/htpasswd admin

二、harbor容器仓库安装

首先进行下载文件
然后安装
然后进入目录下

修改文件内容
hostname: reg.westos.org

# http related config
http:
  # port for http, default is 80. If https enabled, this port will redirect to https port
  port: 80

# https related config
https:
  # https port for harbor, default is 443
  port: 443
  # The path of cert and key files for nginx
  certificate: /data/certs/westos.org.crt
  private_key: /data/certs/westos.org.key

然后

cat docker-compose-Linux-x86_64-1.27.0 >> /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose 
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
docker-compose --version

然后修改认证
把以开始完成的认证
移动到这个下面去

mv  certs/ /data/certs

然后就完成了

执行./install.sh
然后就可以访问了

三、harbor仓库的一些功能

要先down掉

docker-compose down
./install.sh --with-clair --with-chartmuseum --with-notary

这就是刷新认证功能