Docker :Use Docker-Registry#2


This is the settings for accessing to Registry Server with HTTPS.
This example shows to configure to use Apache httpd.
[1]
Create SSL certificates on Registry Server, refer to here.
[2]Create a directory under the /etc/docker/certs.d on each Docker Node which name is just the one you specified for "Common Name" when creating certificates, and next, transfer "xxx.crt" file on Registry Server to the directory. Furthermore, if you created self signed certificates, Transfer "ca-bundle.crt", too.
[root@node01 ~]# 
ll /etc/docker/certs.d/dlp.srv.world 

total 268
-r--r--r-- 1 root root 266702 Dec 18 11:09 ca-bundle.crt
-rw-r--r-- 1 root root   1334 Dec 18 11:09 server.crt
[root@node01 ~]# 
vi /etc/sysconfig/docker
# line 23: comment out

#
INSECURE_REGISTRY='--insecure-registry dlp.srv.world:5000'
[root@node01 ~]# 
systemctl restart docker
[3]
Install Apache httpd on Docker-Registry Server, refer to here.
[4]
Configure SSL settings for httpd on Docker-Registry Server, rerer to here.
[5]Configure httpd on Docker-Registry Server like follows.
[root@dlp ~]# 
vi /etc/httpd/conf.d/docker-registry.conf
# create new

ProxyRequests off
ProxyPreserveHost on
ProxyPass / http://127.0.0.1:5000/
ProxyPassReverse / http://127.0.0.1:5000/
<Location />
    AuthType Basic
    AuthName "Basic Authentication"
    AuthUserFile /etc/httpd/conf/.htpasswd
    require valid-user
</Location>
[root@dlp ~]# 
htpasswd -c /etc/httpd/conf/.htpasswd cent 

New password: 
Re-type new password: 
Adding password for user cent
[root@dlp ~]# 
systemctl restart httpd
[6]It's OK all. Access to Registry Server from any Docker Nodes with HTTPS.
# login with a user which is added by htpasswd

[root@node01 ~]# 
docker login dlp.srv.world 

Username: 
cent

Password:
Email:
WARNING: login credentials saved in /root/.docker/config.json
Login Succeeded
[root@node01 ~]# 
docker tag web_server dlp.srv.world/webserver 

[root@node01 ~]# 
docker push dlp.srv.world/webserver 

[root@node01 ~]# 
docker search dlp.srv.world/web 

INDEX          NAME                                 DESCRIPTION   STARS     OFFICIAL   AUTOMATED
srv.world   dlp.srv.world/library/webserver                 0

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)