by Anish
Posted on Monday July 29th 2019
Certs Location
mkdir -p /opt/certs
cd /opt/certs/
Generate the Certificate
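For a quick self-signed certificate, generate the key/certificate pair and sign it in a single openssl command. The -nodes option leaves the private key unencrypted on disk so the registry can load it without a passphrase.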
openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout server.key -out server.crt
Docker Data Location: This is where all Docker registry data will be stored
mkdir -p /opt/data
BASIC AUTH Config: This is where the htpasswd file for the basic auth realm will be stored
mkdir -p /opt/auth
BASIC AUTH Config File
cd /opt
docker run --entrypoint htpasswd registry:2 -Bbn dockerreg dockerreg > auth/htpasswd
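The registry's htpasswd backend only accepts bcrypt entries (the -B flag above), and the shell redirect leaves an empty file behind if the docker run itself fails. The check below is an added example, not part of the original post; the function names audit_htpasswd and write_samples and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): check an htpasswd file before
# mounting it at /auth/htpasswd. Returns 0 only if the file is non-empty and
# every entry is a bcrypt hash, the only format the registry accepts.
audit_htpasswd() {
    file=$1
    if [ ! -s "$file" ]; then
        echo "FAIL  $file is missing or empty"
        return 1
    fi
    awk -F: '
        /^[ \t]*$/ { next }    # ignore blank lines
        NF != 2 || $1 == "" {
            printf "BAD   line %d: expected user:hash\n", NR; bad++; next
        }
        # bcrypt: $2a$/$2b$/$2y$, two-digit cost, 53 more characters (60 total)
        length($2) == 60 && $2 ~ "^\\$2[aby]\\$[0-9][0-9]\\$[./A-Za-z0-9]+$" {
            printf "OK    %s (bcrypt, cost %d)\n", $1, substr($2, 5, 2); next
        }
        { printf "BAD   %s: hash is not bcrypt\n", $1; bad++ }
        END { exit (bad > 0) }
    ' "$file"
}

# Constructed sample data: the hashes below are format placeholders, not
# real password hashes.
write_samples() {
    dir=$1
    pad=$(printf '%053d' 0)                      # 53 filler characters
    printf 'dockerreg:$2y$05$%s\n' "$pad" > "$dir/good"
    {
        printf 'dockerreg:$2y$05$%s\n' "$pad"
        printf 'olduser:$apr1$constructed$notarealhash\n'   # MD5 entry (no -B)
    } > "$dir/mixed"
    : > "$dir/empty"                             # what a failed redirect leaves
}

# Usage: sh audit.sh /opt/auth/htpasswd
if [ "$#" -gt 0 ]; then audit_htpasswd "$1"; fi
```

Run it against /opt/auth/htpasswd before starting the container; a non-zero exit status means at least one entry will not authenticate.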
Deploying the Private Docker registry with SSL and basic AUTH
The Registry is deployed as a container accessible via port 5000. Docker clients will use this domain to access the registry and push/pull images. By specifying a domain, a client can access multiple registries.
In this example, our Docker registry is reachable at the DNS name localhost.
docker run -d \
-p 5000:5000 \
--restart=always \
--name registry \
-v /opt/auth:/auth \
-e "REGISTRY_AUTH=htpasswd" \
-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
-e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
-v /opt/certs:/certs \
-v /opt/data:/var/lib/registry \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/server.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/server.key \
registry:2
Testing the registry Authentication
curl -kiv -H "Authorization: Basic $(echo -n "dockerreg:dockerreg" | base64)" https://localhost:5000/v2/
Testing the private docker registry
First, log in to your private repository
docker login localhost:5000
Then
docker pull nginx:latest
docker tag nginx:latest localhost:5000/nginx:latest
docker push localhost:5000/nginx:latest
Remove the images so they need to be pulled again
docker rmi nginx localhost:5000/nginx
Now pull from the local repository
docker pull localhost:5000/nginx
registry:
  restart: always
  image: registry:2
  ports:
    - 5000:5000
  environment:
    REGISTRY_HTTP_TLS_CERTIFICATE: /certs/server.crt
    REGISTRY_HTTP_TLS_KEY: /certs/server.key
    REGISTRY_AUTH: htpasswd
    REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd
    REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm
  volumes:
    - /opt/data:/var/lib/registry
    - /opt/certs:/certs
    - /opt/auth:/auth
Start your registry by issuing the following command in the directory containing the docker-compose.yml file:
docker-compose up -d