搭建仓库的服务器:A
拉去推送的服务器:B
A:
openssl req \
-newkey rsa:4096 -nodes -sha256 -keyout ./domain.key \
-x509 -days 365 -out ./domain.crt
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:GD
Locality Name (eg, city) []:SZ
Organization Name (eg, company) [Internet Widgits Pty Ltd]:COMPANY
Organizational Unit Name (eg, section) []:IT_SECTION
Common Name (e.g. server FQDN or YOUR name) []:your.domain.com
Email Address []:
注意:Common Name (e.g. server FQDN or YOUR name) []:your.domain.com 这一步填入域名
启动(证书位置替换为自己的):
docker run -d \
--restart=always \
--name registry \
-v /root/certs:/certs \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
-p 5000:5000 \
registry:2
B:
-
vi /etc/hosts 加入 192.168.1.3 your.domain.com 注意:A服务器上填写的域名
-
复制第一步中生成的 domain.crt 到 /etc/docker/certs.d/myregistrydomain.com:5000/ca.crt,路径中的域名注意替换成实际第一步中填写的
-
重启docker
sudo systemctl daemon-reload
sudo systemctl restart docker
- 执行docker pull xxxx docker push xxxx