docker私服搭建，配置域名访问，设置访问密码

启动registry

docker run -d \-p 5000:5000 \-v /opt/data/registry:/var/lib/registry \registry

docker pull  hello-world
docker tag hello-world 127.0.0.1:5000/hello-world
docker push 127.0.0.1:5000/hello-world

查询镜像

curl 192.168.171.146:5000/v2/_catalog#先删除本地镜像
docker pull 192.168.171.146:5000/hello-world

本机pull正常，如果要从其他机器通过ip:port pull，需要在其他机器配置docker

vim /etc/docker/daemon.json{"insecure-registries": ["192.168.171.146:5000"]
}systemctl daemon-reload 
systemctl restart docker

配置域名访问 HTTPS | HTTP

server {listen 443 ssl;ssl_certificate             /opt/ssl/stationdm.com.pem;ssl_certificate_key         /opt/ssl/stationdm.com.key;ssl_protocols               TLSv1.2 TLSv1.3;ssl_ciphers                 ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;ssl_prefer_server_ciphers   on;server_name                 docker-wang.stationdm.com;location / {                proxy_pass http://127.0.0.1:5000;}
}server {listen 80;        #监听80端口server_name  docker-wang.stationdm.com; #监听的域名location / {                #转发或处理proxy_pass http://127.0.0.1:5000;}
}

修改配置文件

vi /etc/nginx/nginx.conf

在http配置项增加以下配置

http {##省略其他配置##client_max_body_size 4096M;##省略其他配置##}

Nginx无法访问到服务

curl docker-wang.stationdm.com/v2/_catalog
[root@localhost docker]# curl docker-wang.stationdm.com/v2/_catalog
<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.20.1</center>
</body>
</html>

问题解决

setsebool -P httpd_can_network_connect 1

测试

docker pull hello-world
docker tag hello-world docker-wang.stationdm.com/hello-world
docker push docker-wang.stationdm.com/hello-worldcurl docker-wang.stationdm.com/v2/_catalogdocker pull docker-wang.stationdm.com/hello-world

创建密码

mkdir -p /etc/docker/registry
htpasswd -Bbn admin 123 > /etc/docker/registry/htpasswd
cat /etc/docker/registry/htpasswd

添加配置

sudo vim /etc/docker/registry/config.yml

version: 0.1
log:fields:service: registry
storage:cache:blobdescriptor: inmemoryfilesystem:rootdirectory: /var/lib/registry
http:addr: :5000headers:X-Content-Type-Options: [nosniff]
health:storagedriver:enabled: trueinterval: 10sthreshold: 3
auth:htpasswd:realm: basic-realmpath: /etc/docker/registry/htpasswd

删除容器，重启registry

docker run -d \
-p 5000:5000 \
-v /opt/data/registry:/var/lib/registry \
-v /etc/docker/registry/htpasswd:/etc/docker/registry/htpasswd \
-v /etc/docker/registry/config.yml:/etc/docker/registry/config.yml \
--restart=always \
--name registry \
registry

测试

docker pull docker-wang.stationdm.com/hello-world

登陆

docker login docker-wang.stationdm.com
admin
123