728x90
docker registry 서버 구성
- docker hub : https://hub.docker.com/_/registry
- github : https://github.com/distribution/distribution
SSL 인증서 생성(let's encrypt)
certbot.sh 스크립트 생성
vim certbot.sh
docker run -it --rm --name certbot \
-v '/etc/letsencrypt:/etc/letsencrypt' \
-v '/var/lib/letsencrypt:/var/lib/letsencrypt' \
certbot/certbot certonly -d 'dockerhub.scbyun.com' \
--manual --preferred-challenges dns \
--server https://acme-v02.api.letsencrypt.org/directory
chmod +x certbot.sh
SSL 인증서 갱신(let's encrypt renewal)
certbot-renew.sh 스크립트 생성
vim certbot-renew.sh
docker run -it --rm --name certbot \
-v '/etc/letsencrypt:/etc/letsencrypt' \
-v '/var/lib/letsencrypt:/var/lib/letsencrypt' \
certbot/certbot --renew-by-default certonly -d 'dockerhub.scbyun.com' \
--manual --preferred-challenges dns \
--server https://acme-v02.api.letsencrypt.org/directory
chmod +x certbot-renew.sh
.htpasswd 파일 생성
docker run --rm --entrypoint htpasswd registry:2.6.2 -Bbn admin admin > ./conf/registry/auth/registry.password
registry 컨테이너로 올리기
docker-compose.yml 파일 작성
version: '3.7'
services:
registry:
image: registry:2
restart: unless-stopped
container_name: registry
# privileged: true
environment:
REGISTRY_HTTP_ADDR: 0.0.0.0:5000
REGISTRY_HTTP_TLS_KEY: /etc/letsencrypt/live/dockerhub.scbyun.com/privkey.pem
REGISTRY_HTTP_TLS_CERTIFICATE: /etc/letsencrypt/live/dockerhub.scbyun.com/fullchain.pem
REGISTRY_AUTH: htpasswd
REGISTRY_AUTH_HTPASSWD_REALM: "Registry Realm"
REGISTRY_AUTH_HTPASSWD_PATH: /auth/registry.password
volumes:
- /etc/letsencrypt:/etc/letsencrypt:ro
- ./registry:/var/lib/registry/docker/registry/v2
- ./conf/registry/auth/registry.password:/auth/registry.password
ports:
- 5000:5000
networks:
- registry-net
docker-compose up -d
$ docker-compose ps
NAME COMMAND SERVICE STATUS PORTS
registry "/entrypoint.sh /etc…" registry running 0.0.0.0:5000->5000/tcp
private registry 이미지 업로드하기
private registry 로그인
docker login -u admin https://dockerhub.scbyun.com:5000
$ docker login -u admin https://dockerhub.scbyun.com:5000
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
이미지 태그 설정
docker image tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG]
docker tag centos:7 dockerhub.scbyun.com:5000/centos:7
이미지 PUSH
docker image push [OPTIONS] NAME[:TAG]
docker push dockerhub.scbyun.com:5000/centos:7
private registry 이미지 확인
curl -XGET https://admin:admin@dockerhub.scbyun.com:5000/v2/_catalog
$ curl -XGET https://admin:admin@dockerhub.scbyun.com:5000/v2/_catalog
{"repositories":["centos","hello-world"]}
curl -XGET https://admin:admin@dockerhub.scbyun.com:5000/v2/centos/tags/list
$ curl -XGET https://admin:admin@dockerhub.scbyun.com:5000/v2/centos/tags/list
{"name":"centos","tags":["7"]}
이미지 PULL
docker image pull [OPTIONS] NAME[:TAG|@DIGEST]
docker pull dockerhub.scbyun.com:5000/centos:7
$ docker pull dockerhub.scbyun.com:5000/centos:7
7: Pulling from centos
2d473b07cdd5: Pull complete
Digest: sha256:dead07b4d8ed7e29e98de0f4504d87e8880d4347859d839686a31da35a3b532f
Status: Downloaded newer image for dockerhub.scbyun.com:5000/centos:7
dockerhub.scbyun.com:5000/centos:7
728x90
'리눅스' 카테고리의 다른 글
Sonatype Nexus3를 Docker Compose를 사용하여 실행하는 방법 (0) | 2022.03.18 |
---|---|
[리눅스] docker commit 명령 (0) | 2022.03.18 |
PHP phpinfo.php 페이지를 생성하는 방법 (0) | 2022.03.16 |
CentOS 7에서 PHP-FPM 8.1을 설치하는 방법 (0) | 2022.03.16 |
SSH 접속 시 RSA 공개키(ECDSA) 충돌 문제를 해결하는 방법 (0) | 2022.03.15 |