CENTOS7 Building Docker secure private warehouse based on Nginx and Registry2.0

Role: Nginx do reverse proxy, in the access to the private warehouse with a password verification, the password is generated by htpasswd

ip:192.168.0.227

1. Download registry2.0 image

Docker Pull registry:2.1.1

2. Installing Nginx

Yum-y Install Nginx

3. Create Docker warehouse data and configuration directory

sudo mkdir-p/opt/docker/registry/datasudo mkdir-p/opt/docker/registry/conf

4. Run the Docker warehouse

Docker run-d-P 5000:5000-v/opt/docker/registry/data:/tmp/registry--name Registry docker.io/registry:2.1.1

5. Create an account password to access the warehouse based on HTPASSWD

Yum-y Install Httpd-tools #htpasswd是apache的工具htpasswd-C/opt/docker/registry/conf/docker-registry.htpasswd Jack The first time you create it, add-chtpasswd/opt/docker/registry/conf/docker-registry.htpasswd user2

6. Configure Nginx

Vim  /etc/nginx/nginx.conf# for more information on configuration, see :#   * official english documentation: http://nginx.org/en/docs/#    * Official Russian Documentation: http://nginx.org/ru/docs/user nginx; worker_processes auto;error_log /var/log/nginx/error.log;pid /run/nginx.pid;events {     worker_connections 1024;} http {    log_format  main   ' $remote _addr -  $remote _ user [$time _local]  "$request"   "                        ' $status   $body _bytes_sent  "$ Http_referer " "                         ' "$http _user_agent"   "$http _x_forwarded_For "';    access_log  /var/log/nginx/access.log  main;     sendfile            on;     tcp_nopush          on;     Tcp_nodelay         on;    keepalive_timeout    65;    types_hash_max_size 2048;    include              /etc/nginx/mime.types;     default_type        application/octet-stream;     # load modular configuration files from the /etc/nginx/ conf.d directory.    # see http://nginx.org/en/docs/ngx_core_module.html# include    # for more information.    include /etc/nginx/conf.d/*.conf;     upstream webserver {                    #webserver为自定义, called below         server 192.168.0.227:5000;          #写要代理的IP:P ort        }    server {             listen       8080 default_server; # This defines the access port:http://192.168.0.227:8080/v2             location / {            auth_basic    "Please input username/password sina";             auth_basic_user_file  /opt/docker/registry/conf/docker-registry.htpasswd;             proxy_pass http://webserver;   # Call the top webserver        }       }     server {        listen        80 default_server;        listen        [::]:80 default_server;         server_name  _;        root          /usr/share/nginx/html;        #  load configuration files for the default server block.         include /etc/nginx/default.d/*.conf;        location / {         }        error_page 404  /404.html;            location = / 40x.html {        }         error_page 500 502 503 504 /50x.html;             location = /50x.html {         }    }}

7. Test:

Input Http://192.168.0.227:8080/v2 #因为配置文件中定义了8080

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/78/AC/wKioL1aBD-mjXakEAAB1lzc52S0660.png "title=" Upv6jt{%o '}v%}}u}uvizq.png "alt=" Wkiol1abd-mjxakeaab1lzc52s0660.png "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/78/AC/wKioL1aBEBOBAFofAAAkwsFp2pA818.png "title=" {U (_i[ [Bfwk4v5dt6j0{8ct.png "alt=" Wkiol1abebobafofaaakwsfp2pa818.png "/>

This article is from the "Ming Linux blog" blog, be sure to keep this source http://zhaijunming5.blog.51cto.com/10668883/1729287

CENTOS7 Building Docker secure private warehouse based on Nginx and Registry2.0