How to get remote access to a private docker-regis

2019-01-08 05:05发布

站内问答 / Docker
1156 16 5

I'm trying to setup a private docker registry using the image taken from: https://github.com/docker/docker-registry

Just by running:
docker run -p 5000:5000 registry

I can pull/push from/to this repository only from localhost, but if i try to access it from another machine (using a private address on the same LAN) it fails with an error message:

*2014/11/03 09:49:04 Error: Invalid registry endpoint https ://10.0.0.26:5000/v1/': 
Get https:// 10.0.0.26:5000/v1/_ping: Forbidden. If this private 
registry supports only HTTP or HTTPS with an unknown CA certificate,
please add `--insecure-registry 10.0.0.26:5000` to the daemon's 
arguments. In the case of HTTPS, if you have access to the registry's
CA certificate, no need for the flag; simply place the CA certificate 
at /etc/docker/certs.d/10.0.0.26:5000/ca.crt*

What drives me crazy is that I can access it successfully using: curl 10.0.0.26:5000 and/or curl 10.0.0.26:5000/v1/search

I also don't understand where and how I should pass the --insecure-registry flag.

16条回答
冷血范
2楼-- · 2019-01-08 05:28

Edit the config file "/etc/default/docker"

sudo vi /etc/default/docker

add the line at the end of file

DOCKER_OPTS="$DOCKER_OPTS --insecure-registry=192.168.2.170:5000"

(replace the 192.168.2.170 with your own ip address)

and restart docker service

sudo service docker restart

查看更多
0人赞 添加讨论(0) 举报
Emotional °昔
3楼-- · 2019-01-08 05:28

Two step solution(without --insecure-registry):

  1. Download public key from your registry
  2. Put it into /etc/docker/certs.d/$HOSTNAME/ directory

 

mkdir -p /etc/docker/certs.d/10.0.0.26:5000
echo -n | openssl s_client -connect 10.0.0.26:5000 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /etc/docker/certs.d/10.0.0.26:5000/registry.crt

Now your docker will trust your self-signed certificate.

查看更多
0人赞 添加讨论(0) 举报
Ridiculous、
4楼-- · 2019-01-08 05:29

To save you hassle, why don't you just use the FREE private docker registry service provided by gitlab - works great

https://about.gitlab.com/2016/05/23/gitlab-container-registry/

Their registry is secure so you won't have any issues

查看更多
0人赞 添加讨论(0) 举报
Summer. ? 凉城
5楼-- · 2019-01-08 05:35

use the following command replacing {YOUR_REGISTRY} with your registry

boot2docker ssh "echo $'EXTRA_ARGS=\"--insecure-registry {YOUR_REGISTRY}\"' | sudo tee -a /var/lib/boot2docker/profile && sudo /etc/init.d/docker restart"
查看更多
0人赞 添加讨论(0) 举报
上一页 1 2 3
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)