docker registry Other Way
On root home
openssl req -nodes -newkey rsa:4096 -keyout certs/docker-registry.key -out certs/docker-registry.csr -subj "/C=/ST=/L=/O=/OU=/CN=docker-registry"
openssl x509 -req -sha256 -days 365 -in certs/docker-registry.csr -signkey certs/docker-registry.key -out certs/docker-registry.crt
docker run -dp 5000:5000 --name registry -v "$(pwd)"/certs:/certs \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/docker-registry.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/docker-registry.key \
registry
nano /etc/hosts
> 192.168.99.118 docker-registry
cd /etc/docker
mkdir certs.d
cd certs.d
mkdir docker-registry:5000
cd docker-registry:5000
cp ~/certs/docker-registry.crt ca.crt
===== check registry is working
docker image pull busybox
docker image tag busybox docker-registry:5000/mybusybox
docker image push docker-registry:5000/mybusybox
docker run --rm docker-registry:5000/mybusybox echo "Hello from busybox"
//
docker rmi busybox docker-registry:5000/mybusybox
docker run --rm docker-registry:5000/mybusybox echo "Hello from busybox"
===== remove registry
docker container stop registry && docker container rm -v registry
列出私有仓库中的所有镜像
curl -k -X GET https://docker-registry:5000/v2/_catalog >> {"repositories":["mybusybox"]}
curl --cacert certs/docker-registry.crt https://docker-registry:5000/v2/_catalog
curl -k https://docker-registry:5000/v2/_catalog