我正在尝试使用标准docker注册表映像和Docker Registry Reverse Proxy(https://registry.hub.docker.com/u/marvambass/nginx-registry-proxy/)设置私有Docker Registry
目标是使用SSL(使用自签名ssl证书)和用户名/密码身份验证来保护注册表。这一切看起来都顺利,当我尝试通过浏览器导航到私人docker注册表使用:https://<private-docker-reg>:443/v2/我得到一个提示用户名和密码的提示,我得到正确的输出{}
但是当我尝试使用docker客户端登录时,我似乎无法登录:
> docker login https://<private-docker-reg>:443
> Username: foo
> Password: bar
> Email:
>
> FATA[0005] Error response from daemon: v1 ping attempt failed with
> error: Get https://<private-docker-reg>:443/v1/_ping: x509:
> certificate signed by unknown authority. If this private registry
> supports only HTTP or HTTPS with an unknown CA certificate, please add
> `--insecure-registry <private-docker-reg>:443` to the daemon's
> arguments. In the case of HTTPS, if you have access to the registry's
> CA certificate, no need for the flag; simply place the CA certificate
> at /etc/docker/certs.d/<private-docker-reg>:443/ca.crt
在尝试解决此问题时,我修改了我的/etc/default/docker文件并在我的docker客户端笔记本电脑上添加了以下行:
DOCKER_OPTS="$DOCKER_OPTS --insecure-registry <private-docker-reg>:443"
重启了docker守护进程,但到目前为止还没有运气......
解决此问题的任何提示或技巧??
答案 0 :(得分:0)
要使用Docker Registry v2,您至少需要拥有版本1.6.0或更高版本的docker客户端版本。运行以下命令以验证docker CLI版本:
docker info
根据docker注册文档:
If a docker client has a version less than 1.6, Nginx will route its requests to the 1.0 registry. Requests from newer clients will route to the 2.0 registry.