Table of contents
Local Registry 
gitlab
- 名前にプロジェクト名が付く.名前がひたすら長くなる.....
Docker Registry
Regstry 2
- https://qiita.com/zknzfz/items/61909e9a577e1b2a731b
- Basic認証,Token認証が可能
- Basic認証
- Token認証 docker_auth 使用)
#!/bin/bash docker run -d \ -p 5010:443 \ --restart=always \ --name registry \ -v /opt/data/docker_registry:/var/lib/registry \ -v /opt/data/auth:/auth \ -e REGISTRY_AUTH=token \ -e REGISTRY_AUTH_TOKEN_REALM=https://gitlab.nsl.tuis.ac.jp:5011/auth \ -e REGISTRY_AUTH_TOKEN_SERVICE="Docker Registry" \ -e REGISTRY_AUTH_TOKEN_ISSUER="NSL Auth Server" \ -e REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE=/certs/gitlab.crt \ -v /etc/gitlab/ssl:/certs \ -e REGISTRY_HTTP_ADDR=0.0.0.0:443 \ -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/gitlab.crt \ -e REGISTRY_HTTP_TLS_KEY=/certs/gitlab.key \ registry:2
docker_auth
- Tokun による認証が可能
- docker_auth.sh
#!/bin/bash docker run -itd \ -p 5011:5001 \ --restart=always \ --name docker_auth \ -v /var/log/docker_auth:/logs \ -v /etc/gitlab/ssl:/certs \ -e REGISTRY_HTTP_ADDR=0.0.0.0:5001 \ -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/gitlab.crt \ -e REGISTRY_HTTP_TLS_KEY=/certs/gitlab.key \ -v /opt/data/auth:/auth:ro \ cesanta/docker_auth:1 /auth/auth_config.yml
- auth_config.yml
server: addr: ":5001" certificate: "/certs/gitlab.crt" key: "/certs/gitlab.key" token: issuer: "NSL Auth Server" # Must match issuer in the Registry config. expiration: 900 users: # Password is specified as a BCrypt hash. Use `htpasswd -nB USERNAME` to generate. "alice": password: "$2y$05$TW......." "bob": password: "$2y$05$1b......." "": {} acl: - match: {account: "alice"} actions: ["*"] - match: {account: "bob"} actions: ["*"] - match: {account: ""} actions: ["pull"] comment: "Anonymous users can pull"
UI
- docker_auth を使用すると docker-registry-frontend は使用できない.(Token認証に対応していない)
Counter: 433,
today: 1,
yesterday: 0
Last-modified: 2021-09-25 (Sat) 18:24:00 (JST) (948d) by iseki
