1. 安装

cat > /etc/yum.repos.d/docker-ce.repo << EOF
[docker-ce-stable]
name=Docker CE Stable - \$basearch
baseurl=https://mirrors.nju.edu.cn/docker-ce/linux/centos/\$releasever/\$basearch/stable
enabled=1
gpgcheck=0
gpgkey=https://mirrors.nju.edu.cn/docker-ce/linux/centos/gpg
EOF

yum install -y docker-ce

2. 配置

touch  /etc/docker/daemon.json

cat > /etc/docker/daemon.json << EOF
{
  "registry-mirrors": ["https://registry.docker-cn.com", "http://hub-mirror.c.163.com", "https://docker.mirrors.ustc.edu.cn"],
  "insecure-registries": ["https://192.168.100.210:5000"],
}
EOF

systemctl restart docker  && systemctl enable docker 

3. 生成证书

mkdir -p /etc/docker/certs.d && cd /etc/docker/certs.d

openssl genrsa -out docker.key 2048
openssl req -new -key docker.key -out docker.csr
openssl x509 -req -days 3650 -in docker.csr -signkey docker.key -out docker.crt

4. 运行registry仓库容器

docker run -d --restart=always --name registry \
  -v /etc/docker/certs.d:/certs \
  -e REGISTRY_HTTP_ADDR=0.0.0.0:5000 \
  -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/docker.crt \
  -e REGISTRY_HTTP_TLS_KEY=/certs/docker.key \
  -p 5000:5000 \
  registry:2

4. 下载、打标签、上传私有仓库

docker pull kolla/centos-binary-kolla-toolbox

docker tag kolla/centos-binary-kolla-toolbox:train 192.168.100.210:5000/kolla/centos-binary-kolla-toolbox:train

docker push 192.168.100.210:5000/kolla/centos-binary-keystone-ssh:train

5. 测试

curl -l https://192.168.100.210:5000/v2/_catalog

docker push 192.168.100.210:5000/kolla/centos-binary-keystone-ssh:train