How to set up a private Docker registry (ubuntu 14.04, Docker version 1.6.4)

  • 2020-06-03 08:50:11
  • OfStack

Building a private docker registry

This article describes how multiple machines on an intranet can access their own private registry, secured with a CA certificate. This is the simplest setup and gives only the minimum level of protection for a private registry. In a relatively large cluster, you can run several replicas of the private registry and put a proxy in front of them to load-balance requests.

1. Test environment

My test environment is ubuntu 14.04 with Docker version 1.6.4 (the version is slightly old, but the installation process for newer versions is the same). The official website says: You need Docker version 1.6.0 or newer.

Two machines are running on aliyun:

CPU: 1 core, memory: 1024 MB (I/O optimized)
112.74.165.87 (public)
172.18.222.77 (private)

112.74.166.40 (public)
172.18.222.78 (private)

2. docker installation (two machines)

3. Create CA certificates with openssl

On the 172.18.222.77 machine, in the root directory:


$ mkdir certs

Create a certificate


$ openssl req \
   -newkey rsa:2048 -nodes -keyout certs/domain.key \
   -x509 -days 365 -out certs/domain.crt

A key file and a crt file are generated under the certs directory.

4. Start the container with the certificate

On the 172.18.222.77 machine, pull the image


$ sudo docker pull registry

Create a container


$ docker run -d -p 5000:5000 --restart=always --name registry \
 -v `pwd`/certs:/certs \
 -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
 -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
 registry

5. Configure hosts file (two machines)

Configure the ip address


$ vim /etc/hosts

Point the my.com domain at the IP address of the private registry by adding:


172.18.222.77  my.com

6. Configure certificates

Copy the generated certificate to /etc/docker/certs.d/my.com:5000/ca.crt. Every machine that uses the my.com domain name needs this configuration.

It is best to restart docker once afterwards


$ service docker restart
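
Checks worth running on the certificate from step 3 before it is copied out in step 6, as an added example that is not part of the original article: the Docker client validates the registry certificate against the name used in the image reference (my.com here), so the certificate has to be issued for that name and has to belong to the key the registry loads. The function names and the scratch directory are assumptions; the -subj and -addext options go beyond the article's command, setting the Common Name non-interactively and adding a subjectAltName, which newer Docker clients require.

```shell
#!/usr/bin/env bash
# Added example: function names and paths are illustrative assumptions.

# Create key + self-signed cert non-interactively. -subj sets the CN that the
# article's interactive command prompts for; -addext (OpenSSL 1.1.1+) adds a
# SAN, which the article's command lacks and newer clients require.
gen_registry_cert() {   # usage: gen_registry_cert DIR HOST
  mkdir -p "$1" &&
  openssl req -newkey rsa:2048 -nodes -keyout "$1/domain.key" \
    -x509 -days 365 -subj "/CN=$2" -addext "subjectAltName=DNS:$2" \
    -out "$1/domain.crt" 2>/dev/null &&
  chmod 600 "$1/domain.key"   # -nodes leaves the key unencrypted on disk
}

# True if the certificate is valid for HOST (the name used in image tags).
cert_matches_host() {   # usage: cert_matches_host CRT HOST
  openssl x509 -in "$1" -noout -checkhost "$2" 2>&1 | grep -q 'does match'
}

# True if the private key and the certificate carry the same public key.
key_matches_cert() {    # usage: key_matches_cert KEY CRT
  [ "$(openssl pkey -in "$1" -pubout 2>/dev/null)" = \
    "$(openssl x509 -in "$2" -noout -pubkey)" ]
}

# Copy the cert to ROOT/HOST:PORT/ca.crt and print the destination path.
# ROOT is /etc/docker/certs.d on a real client machine.
install_ca() {          # usage: install_ca CRT HOST PORT ROOT
  mkdir -p "$4/$2:$3" && cp "$1" "$4/$2:$3/ca.crt" && echo "$4/$2:$3/ca.crt"
}

# Demo in a scratch directory so nothing under /etc is touched.
demo() {
  local d; d=$(mktemp -d) || return 1
  gen_registry_cert "$d/certs" my.com || return 1
  cert_matches_host "$d/certs/domain.crt" my.com || { echo "name mismatch"; return 1; }
  key_matches_cert "$d/certs/domain.key" "$d/certs/domain.crt" || { echo "key mismatch"; return 1; }
  install_ca "$d/certs/domain.crt" my.com 5000 "$d/etc/docker/certs.d"
}
demo
```

Only domain.crt is copied to the client machines; domain.key stays on the registry host.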

7. Test

Run the following on the machine where the private registry is installed


$ docker tag registry my.com:5000/registry
$ docker push my.com:5000/registry
$ docker pull my.com:5000/registry

Run on the other machine


$ docker pull my.com:5000/registry

Then run


$ docker images

