Debian 10 Buster
Sponsored Link

Docker : Docker-Registry (Authentication)2019/07/24

 
Configure Docker Private Registry which requires user authentication.
[1]
On the Node which you run Registry Pod, Get SSL certificates, refer to here.
[2] Install htpasswd command for adding users.
root@dlp:~#
apt -y install apache2-utils
[3] Add any user you like.
root@dlp:~#
htpasswd -Bc /etc/docker/.htpasswd admin

New password:
Re-type new password:
Adding password for user admin
[4] On this example, certificates are saved under [/etc/letsencrypt/live/(FQDN)] on Registry Node.
Run Registry Pod with htpasswd file created above and certificates.
root@dlp:~#
mkdir /etc/docker/certs.d

root@dlp:~#
cp /etc/letsencrypt/live/dlp.srv.world/fullchain.pem /etc/docker/certs.d/server.crt

root@dlp:~#
cp /etc/letsencrypt/live/dlp.srv.world/privkey.pem /etc/docker/certs.d/server.key
root@dlp:~# docker run -d -p 5000:5000 --restart=always --name registry \
-v /var/lib/registry:/var/lib/registry \
-v /etc/docker/certs.d:/certs \
-v /etc/docker:/auth \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/server.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/server.key \
-e REGISTRY_AUTH=htpasswd \
-e REGISTRY_AUTH_HTPASSWD_PATH=/auth/.htpasswd \
-e REGISTRY_AUTH_HTPASSWD_REALM="Registry Realm" \
registry:2 
e2c22e4df789fed4a03a3eaf281d8e03d223afd2359531a85e2dd357ddfbde37

root@dlp:~#
docker ps

CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
e2c22e4df789        registry:2          "/entrypoint.sh /etc…"   9 minutes ago       Up 9 minutes        0.0.0.0:5000->5000/tcp   registry
[5] That's OK to configure registry. Try to Push/Pull images from your Private Registry on any Docker nodes.
# login with a user you added

root@node01:~#
docker login dlp.srv.world:5000

Username:
admin

Password:
Login Succeeded
root@node01:~#
docker images

REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
nginx                           latest              e445ab08b2be        9 hours ago         126MB

root@node01:~#
docker tag nginx dlp.srv.world:5000/nginx

root@node01:~#
docker push dlp.srv.world:5000/nginx

The push refers to repository [dlp.srv.world:5000/nginx]
fe6a7a3b3f27: Pushed
d0673244f7d4: Pushed
d8a33133e477: Pushed
latest: digest: sha256:dc85890ba9763fe38b178b337d4ccc802874afe3c02e6c98c304f65b08af958f size: 948

root@node01:~#
docker images

REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
dlp.srv.world:5000/nginx        latest              e445ab08b2be        9 hours ago         126MB
nginx                           latest              e445ab08b2be        9 hours ago         126MB
Matched Content