- 浏览: 2550976 次
- 性别:
- 来自: 成都
文章分类
最新评论
-
nation:
你好,在部署Mesos+Spark的运行环境时,出现一个现象, ...
Spark(4)Deal with Mesos -
sillycat:
AMAZON Relatedhttps://www.godad ...
AMAZON API Gateway(2)Client Side SSL with NGINX -
sillycat:
sudo usermod -aG docker ec2-use ...
Docker and VirtualBox(1)Set up Shared Disk for Virtual Box -
sillycat:
Every Half an Hour30 * * * * /u ...
Build Home NAS(3)Data Redundancy -
sillycat:
3 List the Cron Job I Have>c ...
Build Home NAS(3)Data Redundancy
Private Registry 2020(1)No auth in registry Nginx AUTH for UI
Deploy basic registry server
> docker run -d -p 5000:5000 --name registry registry:2
Have it running
> docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5676dd2a19e0 registry:2 "/entrypoint.sh /etc…" 12 seconds ago Up 11 seconds 0.0.0.0:5000->5000/tcp registry
It is running basic config, verify that
> docker pull ubuntu:16.04
Tag the ubuntu to point to our own registry
> docker tag ubuntu:16.04 localhost:5000/c-ubuntu
Push to localhost
> docker push localhost:5000/c-ubuntu
Remove local images
> docker image remove ubuntu:16.04
> docker rmi localhost:5000/c-ubuntu
Finally, we can pull from the remote
> docker pull localhost:5000/c-ubuntu
We can enable the UI https://github.com/Joxit/docker-registry-ui
Run the Docker UI
> docker run -d -p 80:80 -e URL=http://localhost:5000 -e DELETE_IMAGES=true joxit/docker-registry-ui
It will not work because I run 2 docker and use localhost, they can not find each other. Try on my rancher-home virtual box.
>docker run -d -p 5000:5000 --name registry registry:2
>docker run -d -p 80:80 -e URL=http://rancher-home:5000 -e DELETE_IMAGES=true joxit/docker-registry-ui
It is not working because of the CORS. Try add settings for registry
Prepare the Password configuration
> docker run --entrypoint htpasswd registry:2 -Bbn sillycat ‘password' > conf/htpasswd
Try this
> docker run -d -p 80:80 -e REGISTRY_HTTP_HEADERS_Access-Control-Allow-Origin="*" -e URL=http://rancher-home:5000 -e DELETE_IMAGES=true joxit/docker-registry-ui
Visit page with username and password is working fine
http://admin:admin~!%40@rancher-home:5000/v2/_catalog?n=100000
Try this
> docker tag ubuntu:16.04 192.168.56.110:5000/a-ubuntu
> docker push 192.168.56.110:5000/a-ubuntu
The push refers to repository [192.168.56.110:5000/a-ubuntu]
Get https://192.168.56.110:5000/v2/: http: server gave HTTP response to HTTPS client
Solution:
https://github.com/docker/distribution/issues/1874
Check this file and add our website there
> cat /etc/docker/daemon.json
{
"insecure-registries": [
"192.168.56.110:8088",
"192.168.56.111:8088",
"192.168.56.112:8088",
"rancher-worker1:8088",
"rancher-worker2:8088",
"rancher-home:8088",
"159.89.253.84:80",
"10.132.242.85:8088"
]
}
Restart the service
> sudo systemctl restart docker.service
It works pretty well now
> docker tag ubuntu:16.04 rancher-home:5000/b-ubuntu
> docker push rancher-home:5000/b-ubuntu
Make it working with Nginx Authentication
>docker run -d -p 5001:80 -e REGISTRY_HTTP_HEADERS_Access-Control-Allow-Origin="*" -e URL=http://rancher-home:5000 -e DELETE_IMAGES=true joxit/docker-registry-ui
> docker run -d -p 5001:80 -e REGISTRY_HTTP_HEADERS_Access-Control-Allow-Origin="*" -e URL=http://rancher-home:5000 -e REGISTRY_URL=http://rancher-home:5000 -e NGINX_PROXY_HEADER_X_Forwarded_For=$$proxy_add_x_forwarded_for -e DELETE_IMAGES=true joxit/docker-registry-ui
NGINX_PROXY_HEADER_Authorization=Basic cmVnaXN0cnk6dWk=
We can try this as well.
upstream registry {
server localhost:5001;
}
location /registry/ {
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_pass http://registry/;
}
Working Makefile for registry
PORT=5000
IMAGE=registry
TAG=2
NAME=docker-registry-$(PORT)
#-v $(shell pwd)/conf/htpasswd:/etc/docker/registry/htpasswd \
run:
docker run \
-d \
-p $(PORT):5000 \
-v $(shell pwd)/registry:/var/lib/registry \
-v $(shell pwd)/conf/config.yml:/etc/docker/registry/config.yml \
--name $(NAME) \
$(IMAGE):$(TAG)
clean:
docker stop ${NAME}
docker rm ${NAME}
Configuration for no auth registry in conf/config.yml
version: 0.1
log:
fields:
service: registry
storage:
delete:
enabled: true
cache:
blobdescriptor: inmemory
filesystem:
rootdirectory: /var/lib/registry
http:
addr: :5000
headers:
X-Content-Type-Options: [nosniff]
Access-Control-Allow-Origin: ['*']
Access-Control-Allow-Methods: ['HEAD', 'GET', 'OPTIONS', 'DELETE']
Access-Control-Expose-Headers: ['Docker-Content-Digest']
#Access-Control-Allow-Origin: ['http://rancher-home']
#Access-Control-Allow-Headers: ['Authorization']
#Access-Control-Max-Age: [1728000]
#Access-Control-Allow-Credentials: [true]
#auth:
# htpasswd:
# realm: basic-realm
# path: /etc/docker/registry/htpasswd
References:
https://docs.docker.com/registry/deploying/
https://github.com/Quiq/docker-registry-ui
https://github.com/mkuchin/docker-registry-web
https://github.com/Joxit/docker-registry-ui
https://github.com/Joxit/docker-registry-ui/blob/master/examples/proxy-headers/docker-compose.yml
Deploy basic registry server
> docker run -d -p 5000:5000 --name registry registry:2
Have it running
> docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5676dd2a19e0 registry:2 "/entrypoint.sh /etc…" 12 seconds ago Up 11 seconds 0.0.0.0:5000->5000/tcp registry
It is running basic config, verify that
> docker pull ubuntu:16.04
Tag the ubuntu to point to our own registry
> docker tag ubuntu:16.04 localhost:5000/c-ubuntu
Push to localhost
> docker push localhost:5000/c-ubuntu
Remove local images
> docker image remove ubuntu:16.04
> docker rmi localhost:5000/c-ubuntu
Finally, we can pull from the remote
> docker pull localhost:5000/c-ubuntu
We can enable the UI https://github.com/Joxit/docker-registry-ui
Run the Docker UI
> docker run -d -p 80:80 -e URL=http://localhost:5000 -e DELETE_IMAGES=true joxit/docker-registry-ui
It will not work because I run 2 docker and use localhost, they can not find each other. Try on my rancher-home virtual box.
>docker run -d -p 5000:5000 --name registry registry:2
>docker run -d -p 80:80 -e URL=http://rancher-home:5000 -e DELETE_IMAGES=true joxit/docker-registry-ui
It is not working because of the CORS. Try add settings for registry
Prepare the Password configuration
> docker run --entrypoint htpasswd registry:2 -Bbn sillycat ‘password' > conf/htpasswd
Try this
> docker run -d -p 80:80 -e REGISTRY_HTTP_HEADERS_Access-Control-Allow-Origin="*" -e URL=http://rancher-home:5000 -e DELETE_IMAGES=true joxit/docker-registry-ui
Visit page with username and password is working fine
http://admin:admin~!%40@rancher-home:5000/v2/_catalog?n=100000
Try this
> docker tag ubuntu:16.04 192.168.56.110:5000/a-ubuntu
> docker push 192.168.56.110:5000/a-ubuntu
The push refers to repository [192.168.56.110:5000/a-ubuntu]
Get https://192.168.56.110:5000/v2/: http: server gave HTTP response to HTTPS client
Solution:
https://github.com/docker/distribution/issues/1874
Check this file and add our website there
> cat /etc/docker/daemon.json
{
"insecure-registries": [
"192.168.56.110:8088",
"192.168.56.111:8088",
"192.168.56.112:8088",
"rancher-worker1:8088",
"rancher-worker2:8088",
"rancher-home:8088",
"159.89.253.84:80",
"10.132.242.85:8088"
]
}
Restart the service
> sudo systemctl restart docker.service
It works pretty well now
> docker tag ubuntu:16.04 rancher-home:5000/b-ubuntu
> docker push rancher-home:5000/b-ubuntu
Make it working with Nginx Authentication
>docker run -d -p 5001:80 -e REGISTRY_HTTP_HEADERS_Access-Control-Allow-Origin="*" -e URL=http://rancher-home:5000 -e DELETE_IMAGES=true joxit/docker-registry-ui
> docker run -d -p 5001:80 -e REGISTRY_HTTP_HEADERS_Access-Control-Allow-Origin="*" -e URL=http://rancher-home:5000 -e REGISTRY_URL=http://rancher-home:5000 -e NGINX_PROXY_HEADER_X_Forwarded_For=$$proxy_add_x_forwarded_for -e DELETE_IMAGES=true joxit/docker-registry-ui
NGINX_PROXY_HEADER_Authorization=Basic cmVnaXN0cnk6dWk=
We can try this as well.
upstream registry {
server localhost:5001;
}
location /registry/ {
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_pass http://registry/;
}
Working Makefile for registry
PORT=5000
IMAGE=registry
TAG=2
NAME=docker-registry-$(PORT)
#-v $(shell pwd)/conf/htpasswd:/etc/docker/registry/htpasswd \
run:
docker run \
-d \
-p $(PORT):5000 \
-v $(shell pwd)/registry:/var/lib/registry \
-v $(shell pwd)/conf/config.yml:/etc/docker/registry/config.yml \
--name $(NAME) \
$(IMAGE):$(TAG)
clean:
docker stop ${NAME}
docker rm ${NAME}
Configuration for no auth registry in conf/config.yml
version: 0.1
log:
fields:
service: registry
storage:
delete:
enabled: true
cache:
blobdescriptor: inmemory
filesystem:
rootdirectory: /var/lib/registry
http:
addr: :5000
headers:
X-Content-Type-Options: [nosniff]
Access-Control-Allow-Origin: ['*']
Access-Control-Allow-Methods: ['HEAD', 'GET', 'OPTIONS', 'DELETE']
Access-Control-Expose-Headers: ['Docker-Content-Digest']
#Access-Control-Allow-Origin: ['http://rancher-home']
#Access-Control-Allow-Headers: ['Authorization']
#Access-Control-Max-Age: [1728000]
#Access-Control-Allow-Credentials: [true]
#auth:
# htpasswd:
# realm: basic-realm
# path: /etc/docker/registry/htpasswd
References:
https://docs.docker.com/registry/deploying/
https://github.com/Quiq/docker-registry-ui
https://github.com/mkuchin/docker-registry-web
https://github.com/Joxit/docker-registry-ui
https://github.com/Joxit/docker-registry-ui/blob/master/examples/proxy-headers/docker-compose.yml
发表评论
-
Update Site will come soon
2021-06-02 04:10 1677I am still keep notes my tech n ... -
Stop Update Here
2020-04-28 09:00 315I will stop update here, and mo ... -
NodeJS12 and Zlib
2020-04-01 07:44 475NodeJS12 and Zlib It works as ... -
Docker Swarm 2020(2)Docker Swarm and Portainer
2020-03-31 23:18 367Docker Swarm 2020(2)Docker Swar ... -
Docker Swarm 2020(1)Simply Install and Use Swarm
2020-03-31 07:58 367Docker Swarm 2020(1)Simply Inst ... -
Traefik 2020(1)Introduction and Installation
2020-03-29 13:52 335Traefik 2020(1)Introduction and ... -
Portainer 2020(4)Deploy Nginx and Others
2020-03-20 12:06 429Portainer 2020(4)Deploy Nginx a ... -
Docker Compose 2020(1)Installation and Basic
2020-03-15 08:10 373Docker Compose 2020(1)Installat ... -
VPN Server 2020(2)Docker on CentOS in Ubuntu
2020-03-02 08:04 454VPN Server 2020(2)Docker on Cen ... -
Buffer in NodeJS 12 and NodeJS 8
2020-02-25 06:43 384Buffer in NodeJS 12 and NodeJS ... -
NodeJS ENV Similar to JENV and PyENV
2020-02-25 05:14 475NodeJS ENV Similar to JENV and ... -
Prometheus HA 2020(3)AlertManager Cluster
2020-02-24 01:47 421Prometheus HA 2020(3)AlertManag ... -
Serverless with NodeJS and TencentCloud 2020(5)CRON and Settings
2020-02-24 01:46 336Serverless with NodeJS and Tenc ... -
GraphQL 2019(3)Connect to MySQL
2020-02-24 01:48 246GraphQL 2019(3)Connect to MySQL ... -
GraphQL 2019(2)GraphQL and Deploy to Tencent Cloud
2020-02-24 01:48 450GraphQL 2019(2)GraphQL and Depl ... -
GraphQL 2019(1)Apollo Basic
2020-02-19 01:36 326GraphQL 2019(1)Apollo Basic Cl ... -
Serverless with NodeJS and TencentCloud 2020(4)Multiple Handlers and Running wit
2020-02-19 01:19 312Serverless with NodeJS and Tenc ... -
Serverless with NodeJS and TencentCloud 2020(3)Build Tree and Traverse Tree
2020-02-19 01:19 317Serverless with NodeJS and Tenc ... -
Serverless with NodeJS and TencentCloud 2020(2)Trigger SCF in SCF
2020-02-19 01:18 292Serverless with NodeJS and Tenc ... -
Serverless with NodeJS and TencentCloud 2020(1)Running with Component
2020-02-19 01:17 311Serverless with NodeJS and Tenc ...
相关推荐
docker-nginx-auth-registry通过nginx对私有仓库的安全认证1.在宿主机上用htpasswd生成用户名和密码,作为nginx basic auth 的用户名和密码htpasswd -b -c -d docker-registry.htpasswd kiss test2.在宿主机上做好...
基于linux操作系统一键式安装部署Docker镜像私库registry®istry-ui
讲述了如何部署registry、registry-web的部署,以及registry-web如何管理registry私库的镜像上传、下载的授权、镜像删除、用户管理
带有UI的Docker Registry v2 它是什么? 这是一个由docker-compose组成的安装程序,在端口443上运行v2注册表,在端口80上运行nginx,为列出存储库及其标签的最小UI提供服务。 您可以使用docker-compose up -d来启动...
将 Docker Private Registry Web UI 作为容器运行 要求 >= v4.3.18 >= v1.6.5 启动 Docker 私有注册表 + 镜像 $ git clone https://github.com/YungSang/docker-registry-mirror.git $ cd docker-registry-mirror...
您可以在两个版本之间进行选择,即标准接口( joxit/docker-registry-ui:latest )和静态接口( joxit/docker-registry-ui:static )。 在标准界面中,没有默认注册表,您需要在UI中添加自己的注册表。 使用此版本...
您可以在两个版本之间进行选择,即标准接口( joxit/docker-registry-ui:latest )和静态接口( joxit/docker-registry-ui:static )。 在标准界面中,没有默认注册表,您需要在UI中添加自己的注册表。 使用此版本...
Files contained in registry-3.1.3.jar: META-INF/MANIFEST.MF com.ice.jni.registry.RegMultiStringValue.class com.ice.jni.registry.RegBinaryValue.class com.ice.jni.registry.RegistryException.class ...
nginx1.18镜像包 使用docker load -i xx.tar 拉取镜像 使用docker images 查看是否成功。 运行容器 docker run --name nginx-test -p 8080:80 -d nginx 参数说明: --name nginx-test:容器名称。 -p 8080:80: ...
api-ms-win-core-registry-l1-1-0.dll适用于window10 、windows server2012 64位系统
docker容器化+图形界面portainer+镜像私有仓库registry+docker-registry-ui+以及springboot+vue部署示例,安装文档自己部署了好几次,绝对可执行!!!
解决docker报错dial tcp lookup registry-1.docker.io
Docker Registry 2身份验证服务器原始Docker Registry服务器(v1)不提供对身份验证或授权的任何支持。 访问控制必须在外部执行,通常是通过具有基本身份验证或其他类型身份验证的反向代理模式部署Nginx。 尽管执行...
dockerhub经常访问不了,特地将registry下载到本地,供大家学习使用
Could not resolve dependencies for project org.apache.flink:flink-avro-confluent-registry:jar:1.15.3: Could not find artifact io.confluent:kafka-schema-registry-client:jar:6.2.2 in maven 安装本地...
该项目为基于Python的Docker多中心多版本Registry管理UI设计源码,包含60个文件,涉及11个Python脚本、7个CSS样式表、7个HTML...Breezes系统支持多中心和多版本Docker Registry的管理,旨在提供高效便捷的UI操作体验。
Docker Registry UI是一个成熟,易于使用且快速的Web应用程序,用于通过时尚的用户界面管理Docker Registry。 您可以注册一对多注册表,然后浏览,搜索和删除图像。 特征 该应用程序具有以下功能: 查看所有注册表...
META-INF/MANIFEST.MF com.ice.jni.registry.HexNumberFormat.class com.ice.jni.registry.NoSuchKeyException.class com.ice.jni.registry.NoSuchValueException.class com.ice.jni.registry.RegBinaryValue.class ...
远程注册表服务(Remote Registry)是Windows操作系统中的一个重要组件,主要功能是允许远程用户修改本地计算机的注册表设置。在日常的系统管理和网络维护中,这项服务对于远程诊断和修复问题,尤其是对于IT管理员和...