(1)registry的构建历史
环境变量
[root@docker1 ~]#docker exec -it registry /bin/sh # shell类型是在镜像的构建历史中看的
/ # env
HOSTNAME=1d1c30f7e2ed
SHLVL=1
REGISTRY_AUTH=htpasswd
HOME=/root
REGISTRY_HTTP_ADDR=0.0.0.0:443
REGISTRY_HTTP_TLS_CERTIFICATE=/certs/wzj.com.crt
REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm
TERM=xterm
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
REGISTRY_HTTP_TLS_KEY=/certs/wzj.com.key
REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd
PWD=/
# 说明:和在命令行配置的是否一致!
补充
docker run -d \
--restart=always \
--name registry \
-v /data/registry:/var/lib/registry \
-v "$(pwd)"/auth:/auth \
-e "REGISTRY_AUTH=htpasswd" \
-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
-e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
-v "$(pwd)"/certs:/certs \
-e REGISTRY_HTTP_ADDR=0.0.0.0:443 -p 443:443 \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/wzj.com.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/wzj.com.key registry:2
核心
mkdir auth
mkdir certs
openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/wzj.com.key -x509 -days 365 -out certs/wzj.com.crt
docker run --rm --entrypoint htpasswd registry:2 -Bbn admin wzj110 > auth/htpasswd
mkdir -p /etc/docker/certs.d/wzj.com/
cp certs/wzj.com.crt /etc/docker/certs.d/wzj.com/ca.crt
cd /etc/docker/
for i in {2..4};do scp -r certs.d/ docker$i:`pwd`;done
docker run -d --restart=always --name registry -v /data/registry:/var/lib/registry -v "$(pwd)"/auth:/auth -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd -v "$(pwd)"/certs:/certs -e REGISTRY_HTTP_ADDR=0.0.0.0:443 -p 443:443 -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/wzj.com.crt -e REGISTRY_HTTP_TLS_KEY=/certs/wzj.com.key registry:2
docker login wzj.com
docker push wzj.com/nginx