1.安装openssl
yum install openssl -y
2.修改 /etc/hosts(使用域名)
192.168.72.136 registry.xx.com
3.mkdir -p ~/registry/certs.d/ && cd ~/registry/certs.d/
4.生成key
openssl genrsa -out registry.xx.com.key 2048
5.生成密钥文件
openssl req -newkey rsa:4096 -nodes -sha256 -keyout registry.xx.com.key -x509 -days 365 -out registry.xx.com.crt
6.创建RegistryFile
Dockerfile文件内容为:
FROM registry:2.6.1
MAINTAINER xiaolong@xx.com
ENV REGISTRY_HTTP_TLS_CERTIFICATE /opt/registry/certs/registry.xx.com.crt
ENV REGISTRY_HTTP_TLS_KEY /opt/registry/certs/registry.xx.com.key
RUN set -ex \
&& mkdir -p /opt/registry/certs
COPY registry.xx.com.crt /opt/registry/certs
COPY registry.xx.com.key /opt/registry/certs
VOLUME ["/var/lib/registry"]
EXPOSE 5000
7.在/etc/docker 中增加/certs.d/regsitry.xx.com/目录
mkdir -p /etc/docker/certs.d/registry.xx.com/
8.把生成的密钥文件拷贝到新增目录
cp registry.xx.com.crt /etc/docker/certs.d/registry.xx.com/
9.构建镜像
docker build -t registry2 -f ~/registry/certs.d/RegistryFile .
10.启动容器
docker run -d -p 443:5000 --restart=always --name registry2 -v /opt/registry/:/var/lib/registry registry2
11.针对镜像打tag标签
docker tag centos registry.xx.com/centos
12.上传docker镜像
docker push registry.xx.com/centos
13.下载docker镜像
docker pull registry.xx.com/centos