#拉取docker仓库镜像
docker pull registry:2.7.0
#创建临时文件夹(用于存储仓库所需密钥和证书以及挂载目录)
mkdir -p /root/registry/auth /root/registry/certs /root/registry/share
#生成仓库证书,master1为自定义的主机名,你可以直接使用IP地址
openssl req -x509 -days 3650 -subj '/CN=master1:5000/' -nodes -newkey rsa:2048 -keyout /root/registry/certs/domain.key -out /root/registry/certs/domain.crt
#创建临时仓库容器,通过临时仓库容器内的密钥生成组件生成密钥
docker run --name registry --entrypoint htpasswd registry:2.7.0 -Bbn root Aa123456 > /root/registry/auth/htpasswd
#删除临时仓库容器
docker rm -f registry
#创建仓库容器
docker run -d -p 5000:5000 --restart always --name registry -v /root/registry/share:/var/lib/registry -v /root/registry/auth:/auth -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd -v /root/registry/certs:/certs -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key registry:2.7.0
#创建仓库证书目录
mkdir -p /etc/docker/certs.d/master1:5000
#拷贝之前生成的证书到仓库证书目录中
cp /root/registry/certs/domain.crt /etc/docker/certs.d/master1:5000
#修改docker配置,注册私有仓库
vim /etc/docker/daemon.json
{
"exec-opts":["native.cgroupdriver=systemd"],
"registry-mirrors":["https://6yu5a2i2.mirror.aliyuncs.com"],
"insecure-registries":["master1:5000"]
}
#重载docker配置
systemctl reload docker
#重启docker
systemctl restart docker
#拉取测试镜像
docker pull hello_world
#重新指定测试镜像标签
docker tag hello_world master1:5000/hello_world
#登录docker仓库
docker login master1:5000
#推送测试镜像到私有仓库
docker push master1:5000/hello_world
#删除本地测试镜像
docker rmi master1:5000/hello_world
#从私有仓库中重新拉取刚才推送的测试镜像
docker pull master1:5000/hello_world
#查看当前本地镜像,如果成功,则表示从私有仓库中拉取测试镜像成功了
docker images
#完结撒花
