Because most of the download sites are sites in foreign countries, domestic users in the mirror, they often encounter very slow download speeds; and Docker application into production process, will also face the problem of safety of Docker mirrors for download.
Build private Docker Registry in a production environment, the programme is a two. But most of the domestic enterprises to use the release, for Redhat system, such as Centos environment the majority. Online information and publishing books in introducing the Docker‘s time is based on the Ubuntu Guide and configuration, version CentOS6.x or above to access private Docker
Registry need SSL support. Using CentOS to build the greatest difficulty for this service is to configure and use SSL and SSL transport for nginx reverse proxy support, and certification.
System: CentOS 7.1
Server name: registry.exmple.com #HTTPS SSL certificates generated cannot be used here so feel free to set up a domain name to the IP address, not necessarily the real domain name.
Mr webserver:nignx (reverse proxy)
First, the configuration process
To facilitate mastering in general services building, briefly describe the configuration process:
1, configuration on the configuration side SSL: generates the key, root certificates, SSL key is generated for the nginx service, the last private CA, upon request, complete the nginx issued certificate;
2, compile, install, nginx, and is configured as a reverse proxy. 433 that listens for HTTPS, the client forwards the request to the registry services for the port 433 5000 ports;
3, install the registry mirrors Docker and run container, listens for requests from nginx to forward;
4, adds complete SSL certificates on the client and click Upload and download mirror operation, to complete the test.
Second, the Registry is configured on the server SSL
1, the installation of dependencies
yum install -y gcc pcre-devel pcre-static openssl openssl-devel httpd-tools1
GCC is a compiler;
PCRE-devel PCRE-static is needed when compiling nginx dependencies;
OpenSSL openssl-devel used to generate the SSL root certificate and key and nignx certificate is issued;
Httpd-tools used to generate login HTTPS service account and password.