• 部署docker-registry+ui shell 域名证书-用户认证


    #部署docker-registry+ui shell

    docker registry 配置域名证书, 用户密码认证, 轻量UI
    ansible部署docker-registry+ui https://www.cnblogs.com/elvi/p/13394492.html


    #!/bin/bash
    #run.docker-registry.sh
    #部署docker registry +ui
    # By Elvin
    
    #目录
    data_dir=/data/docker/docker-registry
    mkdir -p $data_dir
    cd $data_dir
    
    #域名证书(使用我的证书为例)
    domain_name=hub.elvin.vip
    download_url=http://files.elvin.vip/docker
    if [  ! -e ${domain_name}_private.key -o  ! -e ${domain_name}_private.key ];then
    curl -so hub.elvin.vip_private.key    ${download_url}/${domain_name}_private.key
    curl -so hub.elvin.vip_full_chain.pem ${download_url}/${domain_name}_full_chain.pem
    fi
    
    #创建密码文件,用户admin 密码 docker
    docker run --rm alivv/htpasswd admin docker >htpasswd
    
    #创建网络 registry-net
    if [ $(docker network ls |grep registry-ui-net |wc -l) -ne 1 ];then
        docker network create --subnet 10.20.20.0/24 --gateway 10.20.20.1 registry-net
    fi
    
    #registry-srv
    docker rm -f registry-srv &>/dev/null
    docker run -dit --name registry-srv 
    --privileged=true --restart=always 
    --net registry-net -p 443:443 
    --memory 512M 
    -v $data_dir:/var/lib/registry 
    -v /etc/localtime:/etc/localtime:ro 
    -e REGISTRY_AUTH=htpasswd 
    -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" 
    -e REGISTRY_AUTH_HTPASSWD_PATH=/var/lib/registry/htpasswd 
    -e REGISTRY_HTTP_ADDR=0.0.0.0:443 
    -e REGISTRY_STORAGE_DELETE_ENABLED=true 
    -e REGISTRY_HTTP_TLS_KEY=/var/lib/registry/hub.elvin.vip_private.key 
    -e REGISTRY_HTTP_TLS_CERTIFICATE=/var/lib/registry/hub.elvin.vip_full_chain.pem 
    registry
    
    #registry-ui
    docker rm -f registry-ui  &>/dev/null
    docker run -d --name registry-ui 
    --restart=always 
    --memory 64M 
    --net registry-net -p 80:80 
    -v /etc/localtime:/etc/localtime:ro 
    -e REGISTRY_URL=https://registry-srv:443 
    -e PULL_URL=${domain_name} 
    -e DELETE_IMAGES=true 
    -e REGISTRY_TITLE="Docker registry" 
    joxit/docker-registry-ui:1.3-static
    
    

    #docker pull images

    #下载images
    docker pull alpine
    docker pull alpine:3.12
    
    #docker tag 添加仓库前缀地址
    docker tag  alpine  hub.elvin.vip/demo/alpine
    docker tag  alpine:3.12  hub.elvin.vip/demo/alpine:3.12
    
    #登录
    docker login hub.elvin.vip
    
    #images push
    docker push hub.elvin.vip/demo/alpine
    docker push hub.elvin.vip/demo/alpine:3.12
    

    #浏览器登录查看


    #remove demo
    docker rm -f registry-srv 
    docker rm -f registry-ui 
    docker network rm registry-ui-net
    

    registry非本机,设置hosts解析 ip hub.elvin.vip
    Docker Registry UI 当前最新版1.5, 界面有改动,显示pull hash值
    github https://github.com/Joxit/docker-registry-ui

  • 相关阅读:
    权限和分组
    验证与授权
    CSRF、XSS、clickjacking、SQL 的攻击与防御
    上下文处理器及中间件
    类和实例
    偏函数
    生成器
    迭代 复习
    函数调用 复习
    复习 条件判断,循环
  • 原文地址:https://www.cnblogs.com/elvi/p/13394449.html
Copyright © 2020-2023  润新知