給私有Docker Registry加個(gè)UI

加個(gè)Web UI,用起來更直觀一點(diǎn), 還可以記錄Registry里的Events
docker-compose.yml如下:

version: '3.7'
services:
  local-registry-ui:
    restart: always
    image: quiq/docker-registry-ui
    ports:
      - 8000:8000
    environment:
      TZ: Asia/Shanghai
    volumes:
      - /path/to/config.yml:/opt/config.yml:ro  # config for registry ui
      - /path/to/domain.crt:/etc/ssl/certs/ca-certificates.crt:ro  # crt file created for docker registry
      - /path/to/data:/opt/data  # path for sqlite db

有兩個(gè)要注意的地方:

  1. 之前為私有Registry創(chuàng)建的crt文件可以直接拿過來用
  2. /path/to/data要設(shè)置對(duì)應(yīng)權(quán)限, UI container里的user id是65534, 直接chown -r 65534:65534 /path/to/data

要記錄Registry Event的話,需要在Registry Config里添加如下配置:

notifications:
  endpoints:
    - name: docker-registry-ui
      url: http://ip.for.registry.ui:8000/api/events
      headers:
        Authorization: [Bearer abcdefghijklmnopqrstuvwxyz1234567890] # need set save token in registry ui
      timeout: 1s
      threshold: 5
      backoff: 10s
      ignoredmediatypes:
        - application/octet-stream

對(duì)應(yīng)Registry UI的配置:

# Listen interface.
listen_addr: 0.0.0.0:8000
# Base path of Docker Registry UI.
base_path: /

# Registry URL with schema and port.
registry_url: https://ip.for.registry:5000
# Verify TLS certificate when using https.
verify_tls: true

# Docker registry credentials.
# They need to have a full access to the registry.
# If token authentication service is enabled, it will be auto-discovered and those credentials
# will be used to obtain access tokens.
# When the registry_password_file entry is used, the password can be passed as a docker secret
# and read from file. This overides the registry_password entry.
registry_username: registryuser   # user name and password for registry auth
registry_password: registrypassword
#registry_password_file: /run/secrets/htpasswd

# Event listener token.
# The same one should be configured on Docker registry as Authorization Bearer token.
event_listener_token: abcdefghijklmnopqrstuvwxyz1234567890  # same token as config in registry
# Retention of records to keep.
event_retention_days: 7

# Event listener storage.
event_database_driver: sqlite3
event_database_location: data/registry_events.db
# event_database_driver: mysql
# event_database_location: user:password@tcp(localhost:3306)/docker_events

# You can disable event deletion on some hosts when you are running docker-registry on master-master or
# cluster setup to avoid deadlocks or replication break.
event_deletion_enabled: True

# Cache refresh interval in minutes.
# How long to cache repository list and tag counts.
cache_refresh_interval: 10

# If users can delete tags. If set to False, then only admins listed below.
anyone_can_delete: true
# Users allowed to delete tags.
# This should be sent via X-WEBAUTH-USER header from your proxy.
admins: []

# Debug mode. Affects only templates.
debug: true

# How many days to keep tags but also keep the minimal count provided no matter how old.
purge_tags_keep_days: 90
purge_tags_keep_count: 2
# Enable built-in cron to schedule purging tags in server mode.
# Empty string disables this feature.
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請(qǐng)結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡(jiǎn)書系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

友情鏈接更多精彩內(nèi)容