jenkins推送镜像到私有docker-registry

搭建docker-registry

pull镜像

docker pull registry:2

初步运行

docker run --rm -p 5000:5000 \
  -v /Users/xixicat/registry/data:/var/lib/registry \
  -v /Users/xixicat/registry/auth:/auth \
  registry:2

访问
http://192.168.99.100:5000/v2...

创建账户密码

docker run --rm --entrypoint htpasswd registry:2 -Bbn admin admin > ~/registry/auth/htpasswd

重新运行

docker run --rm -p 5000:5000 \
  -v /Users/xixicat/registry/data:/var/lib/registry \
  -v /Users/xixicat/registry/auth:/auth \
  -e "REGISTRY_AUTH=htpasswd" \
  -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
  -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
  registry:2

添加https

• 创建CA证书

docker run --rm -e COMMON_NAME=xixicat.com -e KEY_NAME=domain -v /Users/xixicat/registry/certs:/certs centurylink/openssl

• 设置hosts

sudo vim /etc/hosts
192.168.99.100 xixicat.com

• 安装证书

sudo mkdir -p /etc/docker/certs.d/xixicat.com:5000
sudo cp /Users/xixicat/registry/certs/domain.crt /etc/docker/certs.d/xixicat.com:5000/ca.crt

重启你的docker-machine

docker-machine restart yun

重新运行registry

docker run --rm -p 5000:5000 \
      -v /Users/xixicat/registry/data:/var/lib/registry \
      -v /Users/xixicat/registry/auth:/auth \
      -v /Users/xixicat/registry/certs:/certs \
      -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt\
      -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
      -e "REGISTRY_AUTH=htpasswd" \
      -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
      -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
      registry:2

检验是否成功

docker login xixicat.com:5000

jenkins推送docker镜像

在docker slave执行

推送镜像

输出log

doc

• Deploying a registry server

• 部署私有Docker Registry