1、操作系统
ubuntu 14.04 x64
2、安装docker & docker-compose
2.1.安装docker
[url]http://www.widuu.com/chinese_docker/installation/ubuntu.html#Ubuntu安装Docker[/url]
[color=green][i]#Create the docker group 可做可不做[/i][/color]
[color=green][i]#Add your user to docker group[/i][/color]
[color=green][i]注:提示docker版本如“Docker version 1.11.1, build 20f81dd”则安装成功[/i][/color]
2.2.安装docker-compose
[url]https://docs.docker.com/compose/install/[/url]
[color=green][i]注:提示docker-compose版本如“docker-compose version 1.7.1, build 6c29830”则安装成功[/i][/color]
[size=large]3、搭建registry私库[/size]
[color=green][i]创建数据和证书目录[/i][/color]
[color=green][i]Docker的私有Registry要求使用https访问。需要生成ssl证书。[/i][/color]
[color=green][i]验证是否安装了openssl[/i][/color]
[color=green][i]如果已安装则显示openssl所在路径,没安装则什么也不显示[/i][/color]
[color=green][i]创建密码文件[/i][/color]
[color=green][i]生成密钥[/i][/color]
下面是输出,需要填写一些信息:
Generating a 4096 bit RSA private key
........................................++
..........................................++
writing new private key to 'certs/registry_tomhat_com.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:BeiJing
Locality Name (eg, city) []:BeiJing
Organization Name (eg, company) [Internet Widgits Pty Ltd]:ChinaOPS
Organizational Unit Name (eg, section) []:ChinaOPS
Common Name (e.g. server FQDN or YOUR name) []:registry.tomhat.com
Email Address []:
[color=green][i]注意:上面提示里的Common Name必须要添写完整域名[/i][/color]
使用编辑器编辑 /opt/docker/registry/docker-compose.yml,内容如下:
(docker/registry为源文档的docker_registry)
[color=green][i]使用docker-compose启动registry容器。[/i][/color]
注意:用root用户执行命令在docker-compose.yml所在目录
如下是正确提示
[i]Pulling registry (registry:2)...
2: Pulling from library/registry
efd26ecc9548: Pull complete
a3ed95caeb02: Pull complete
39091a8d8094: Pull complete
c5ad04c01f33: Pull complete
e441cc69d374: Pull complete
Digest: sha256:5206f99cc4d06dedc6d291324935ef134001f30fe05bf47e8d0b58d7e93e3843
Status: Downloaded newer image for registry:2
Creating cops_registry[/i]
访问:https://registry.tomhat.com/v2/_catalog
ubuntu 14.04 x64
2、安装docker & docker-compose
2.1.安装docker
[url]http://www.widuu.com/chinese_docker/installation/ubuntu.html#Ubuntu安装Docker[/url]
$ sudo apt-get update
$ sudo apt-get install linux-image-generic-lts-trusty
$ sudo reboot
$ wget -qO- https://get.docker.com/ | sh
$ sudo docker -v
[color=green][i]#Create the docker group 可做可不做[/i][/color]
$ sudo groupadd docker
[color=green][i]#Add your user to docker group[/i][/color]
$ sudo usermod -aG docker ubuntu(用户名)
[color=green][i]注:提示docker版本如“Docker version 1.11.1, build 20f81dd”则安装成功[/i][/color]
2.2.安装docker-compose
[url]https://docs.docker.com/compose/install/[/url]
$ which curl
# apt-get install curl -y
# apt-get install python-pip python-dev -y
# pip install -U docker-compose
# docker-compose --v
[color=green][i]注:提示docker-compose版本如“docker-compose version 1.7.1, build 6c29830”则安装成功[/i][/color]
[size=large]3、搭建registry私库[/size]
[color=green][i]创建数据和证书目录[/i][/color]
$ sudo mkdir -p /opt/docker/registry/data
$ sudo mkdir -p /opt/docker/registry/certs
[color=green][i]Docker的私有Registry要求使用https访问。需要生成ssl证书。[/i][/color]
$ cd /opt/docker/registry/
[color=green][i]验证是否安装了openssl[/i][/color]
$ which openssl
[color=green][i]如果已安装则显示openssl所在路径,没安装则什么也不显示[/i][/color]
$ sudo apt-get install openssl libssl-dev (libssl-dev:openssl开发库)
[color=green][i]创建密码文件[/i][/color]
$ openssl genrsa -out registry_tomhat_com.key 2048
[color=green][i]生成密钥[/i][/color]
$ openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/registry_tomhat_com.key -x509 -days 365 -out certs/registry_tomhat_com.crt
下面是输出,需要填写一些信息:
Generating a 4096 bit RSA private key
........................................++
..........................................++
writing new private key to 'certs/registry_tomhat_com.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:BeiJing
Locality Name (eg, city) []:BeiJing
Organization Name (eg, company) [Internet Widgits Pty Ltd]:ChinaOPS
Organizational Unit Name (eg, section) []:ChinaOPS
Common Name (e.g. server FQDN or YOUR name) []:registry.tomhat.com
Email Address []:
[color=green][i]注意:上面提示里的Common Name必须要添写完整域名[/i][/color]
使用编辑器编辑 /opt/docker/registry/docker-compose.yml,内容如下:
(docker/registry为源文档的docker_registry)
registry:
container_name : tomhat_registry
restart : always
image : registry:2
ports:
- 443:5000
environment:
REGISTRY_HTTP_TLS_CERTIFICATE: /certs/registry_tomhat_com.crt
REGISTRY_HTTP_TLS_KEY: /certs/registry_tomhat_com.key
volumes:
- /opt/docker/registry/data:/var/lib/registry
- /opt/docker/registry/certs:/certs
[color=green][i]使用docker-compose启动registry容器。[/i][/color]
# docker-compose up -d
注意:用root用户执行命令在docker-compose.yml所在目录
如下是正确提示
[i]Pulling registry (registry:2)...
2: Pulling from library/registry
efd26ecc9548: Pull complete
a3ed95caeb02: Pull complete
39091a8d8094: Pull complete
c5ad04c01f33: Pull complete
e441cc69d374: Pull complete
Digest: sha256:5206f99cc4d06dedc6d291324935ef134001f30fe05bf47e8d0b58d7e93e3843
Status: Downloaded newer image for registry:2
Creating cops_registry[/i]
# docker pull registry.ecloud.com.cn/tomcat
# docker tag 660259e51042 registry.tomhat.com/tomcat
# cp /opt/docker/registry/certs/registry_tomhat_com.crt /etc/docker/certs.d/regist.tomhat.com/
# echo '127.0.0.1 registry.tomhat.com' > /etc/hosts
# service docker restart
# docker push registry.tomhat.com/tomcat
访问:https://registry.tomhat.com/v2/_catalog