3. Cài đặt Docker Private Registry

• Tạo tài khoản (setup private registry)

        create_password
        123
        docker run \
  --entrypoint htpasswd \
  registry:2 -Bbn builder testpassword > ./passfile

      

• Tạo Docker Swarm Secret

Đặt tên secret: registry_v2_auth_credentials

• Khởi chạy Registry từ template:

        registry_template_from_official_docker
        123456789101112131415161718192021222324252627282930313233343536373839404142
        version: "3.7"

services:
  registry:
    restart: always
    image: registry:2
    secrets:
      - registry_v2_auth_credentials
    environment:
      REGISTRY_AUTH: htpasswd
      REGISTRY_AUTH_HTPASSWD_PATH: /run/secrets/registry_v2_auth_credentials
      REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm
    deploy:
      labels:
        - "traefik.enable=true"
        # Routers
        - "traefik.http.routers.registry_v2_http_router.entrypoints=http"
        - "traefik.http.routers.registry_v2_http_router.middlewares=httpsRedirectScheme"
        - "traefik.http.routers.registry_v2_http_router.rule=Host(`registryv2.tn20.wedesign.vn`)"
        - "traefik.http.routers.registry_v2_http_router.service=registry_service"
        - "traefik.http.routers.registry_v2_https_router.entrypoints=https"
        - "traefik.http.routers.registry_v2_https_router.rule=Host(`registryv2.tn20.wedesign.vn`)"
        - "traefik.http.routers.registry_v2_https_router.service=registry_v2_service"
        - "traefik.http.routers.registry_v2_https_router.tls.certresolver=httpChallenge"
        # Services
        - "traefik.http.services.registry_v2_service.loadbalancer.server.port=5000"
        - "traefik.http.middlewares.httpsRedirectScheme.redirectscheme.scheme=https"
        - "traefik.http.middlewares.httpsRedirectScheme.redirectscheme.permanent=true"
    volumes:
      - data:/var/lib/registry
      - certs:/certs
    networks:
      - public_proxy
volumes:
  data:
  certs:
networks:
  public_proxy:
    external: true
secrets:
  registry_v2_auth_credentials:
     external: true

      

Hoàn thành, test thử:

        
        1
        curl -kv https://registryv2.tn20.wedesign.vn

      

        
        123
        docker login -u builder registryv2.tn20.wedesign.vn
docker build -t registryv2.tn20.wedesign.vn/celery_worker:latest .
docker push registryv2.tn20.wedesign.vn/celery_worker:latest

      

<