Continue, this article describes the simplest steps to build a private warehouse.
In summary:
The easiest way to install Registry is to directly pull a ready-made Registry image.
<code>docker pull registry</code>
Then start it.
<code>docker run <span>-p</span><span>5000</span>:<span>5000</span><span>-v</span> /home/registry:/tmp/registry registry</code>
Expose port 5000 to external services, and at the same time, load the host's /home/registry directory as the warehouse directory.
Now you can push your own image to this warehouse. You need to tag an image first, and then PUSH. The command is as follows:
<code>docker tag java:<span>7</span>-jre hub<span>.wo</span><span>.cn</span>/yancheng/java docker <span>push</span> hub<span>.wo</span><span>.cn</span>/yancheng/java</code>
At this time, a security error will inevitably be reported: 
From the error description It seems that there are two solutions, one is to use HTTP, and the other is to install the CA certificate.
Method 1, configure it as HTTP, which will be slightly faster and simpler. Just modify the /etc/default/docker file and add a sentence:
<code>DOCKER_OPTS=<span>"<span>$DOCKER_OPTS</span> --insecure-registry=hub.open.wo.cn"</span></code>
Then restart Docker, sudo service docker restart, and you can push normally.
Method 2, configuring the security certificate, is a bit troublesome, especially since our docker registry is behind nginx.
First, you need to generate your own certificate (operate on the server), the command is as follows:
<code>openssl genrsa -des3 -<span>out</span> hub<span>.key</span><span>2048</span> openssl rsa -<span>in</span> hub<span>.key</span> -<span>out</span> hub_nopwd<span>.key</span> openssl req -new -key hub_nopwd<span>.key</span> -<span>out</span> hub<span>.csr</span> openssl x509 -req -days <span>3650</span> -<span>in</span> hub<span>.csr</span> -signkey hub_nopwd<span>.key</span> -<span>out</span> hub<span>.crt</span></code>
Then, we configure Nginx to add support for HTTPS.
<code>server {
listen <span>443</span>;
server_name hub<span>.</span>wo<span>.</span><span>cn</span>;
ssl <span>on</span>;
ssl_certificate /usr/<span>local</span>/nginx/conf/hub<span>.</span>crt;
ssl_certificate_key /usr/<span>local</span>/nginx/conf/hub_nopwd<span>.</span>key;
location <span>/</span> {
proxy_pass http:<span>//10.250.251.20:5000;</span>
proxy_redirect off;
proxy_set_header Host <span>$host</span>;
proxy_set_header x<span>-forwarded</span><span>-for</span><span>$remote_addr</span>;
}
}</code>Pay attention to the location of hub.crt and hub_nopwd.key. Restart nginx.
Now, you need to get this hub.crt locally and put it in the corresponding directory according to the prompts in the previous screenshot. That is: /etc/docker/certs.d/hub.open.wo.cn.
Restart docker again, and then push will be normal.
').addClass('pre-numbering').hide(); $(this).addClass('has-numbering').parent().append($numbering); for (i = 1; i ').text(i)); }; $numbering.fadeIn(1700); }); });The above has introduced Docker: the construction of a private warehouse, including aspects of it. I hope it will be helpful to friends who are interested in PHP tutorials.
The difference between k8s and docker
nginx restart
Detailed explanation of nginx configuration
Detailed explanation of nginx configuration
What are the differences between tomcat and nginx
What are the methods for docker to enter the container?
What should I do if the docker container cannot access the external network?
What is the use of docker image?
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
