Docker 배치 DockerRegistry 창고 설치

미러 다운로드

docker pull registry.docker-cn.com/library/registry

로컬 데이터 폴더 만들기

mkdir /data/data/docker-registry
mkdir /data/data/docker-registry-auth

사용자 라이센스 파일 만들기

docker run --entrypoint htpasswd registry.docker-cn.com/library/registry -Bbn 1iURI root >> /data/data/docker-registry-auth/htpasswd

컨테이너 실행

docker run -d -p 5000:5000 --restart=always \
-v /data/data/docker-registry-auth:/auth \
-e "REGISTRY_AUTH=htpasswd" \
-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
-e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" \
-v /data/data/docker-registry:/var/lib/registry/ \
registry.docker-cn.com/library/registry

docker registry 로그인

docker login docker.lemonlib.com

성공적으로 실행되었는지 확인

curl http://192.168.0.100:5000/v2/_catalog

docker-registry-ui 설치

docker run \
-d \
--restart always \
-e ENV_DOCKER_REGISTRY_HOST=docker.lemonlib.com \
-e ENV_DOCKER_REGISTRY_PORT=443 \
-e ENV_DOCKER_REGISTRY_USE_SSL=1 \
-p 5001:80 \
registry.docker-cn.com/konradkleine/docker-registry-frontend

nginx 역방향 프록시 설정

server {
listen 80;
listen 443 ssl;
server_name docker.lemonlib.com;
ssl on;
ssl_certificate /etc/nginx/custom_conf/ssl/1_docker.lemonlib.com_bundle.crt;
ssl_certificate_key /etc/nginx/custom_conf/ssl/2_docker.lemonlib.com.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # 
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;# 
ssl_prefer_server_ciphers on;

location / {
proxy_set_header X-Forwarded-Proto https;

proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-Ip $remote_addr;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://yourip:5000/;
proxy_redirect off;
}
}

오류 해결

proxy_set_header X-Forwarded-Proto https;