如何通过私人Dockerhub repo自动运行码头服务器？ [英] How to automate a docker run from a private Dockerhub repo?

问题描述

我有一台运行Docker的EC2服务器，我想将以下内容添加到用户数据中，所以当服务器启动时，我的私有Dockerhub映像将被拉/运行如下所示：

 ＃！/ bin / bash 
 sudo docker run -p 3333：3333 -d  - -name Hello myusername / hello 
  

但是我不确定如何去认证，以便访问私人回购 myusername / hello 。

使用Github创建并上传部署密钥，Dockerhub提供类似的部署密钥选项？

解决方案

更新：
想出一个更好的方式，不涉及将您的信誉烘烤到一个图像。有关适用于解决此问题的信息，请参阅以下问题：将EC2 User-Data shell脚本存储在私有的S3存储区中是否安全？

这有助于在任何给定时间将您的秘密保存在必要的场所数量上。

找出更好的方法： p>

1. 使用所需的操作系统启动机器


2. 安装Docker


3. 在该机器上运行 sudo docker login


4. 成功认证后，Docker将放置一个 .dockercfg 文件（例如 /home/yourusername/.dockercfg ）。 Docker将从现在起使用此文件进行所有验证。


5. 创建要启动所有新实例时要使用的计算机的映像。此图像现在将具有 .dockercfg 文件烘焙。


6. 将以下内容添加到用户数据您的机器图像：

 ＃＃/ bin / bash 
 sudo docker run -p 3333：3333 -d --name你好你的用户名/ hello 
  

现在，当您基于您的计算机映像启动实例时，您的 sudo docker运行命令将成功拉取私人存储只要您运行docker命令的用户在其主目录中具有 .dockercfg 文件。

希望有帮助任何人想找出这个。

I have a EC2 server running Docker and I'd like to add the following to the User Data so my private Dockerhub images will be pulled/run when the server starts up, like so:

#!/bin/bash
sudo docker run -p 3333:3333 -d --name Hello myusername/hello

But I'm unsure as to how to go about authenticating in order to gain access to the private repo myusername/hello.

With Github you create and upload a deploy key, does Dockerhub offer a similar deploy key option?

解决方案

UPDATE: Figured out an even better way that doesn't involve baking your creds into an image at all. See the following question for information that would be applicable to solving this problem as well: Is it secure to store EC2 User-Data shell scripts in a private S3 bucket?

This helps keep your secrets in the least number of places necessary at any given time.

Figured out a better way:

1. Launch a machine using your desired OS
2. Install Docker
3. run sudo docker login on that machine
4. Upon successful authentication Docker will place a .dockercfg file in your home directory (e.g. /home/yourusername/.dockercfg). Docker will use this file for all authentication from now on.
5. Create an image of your machine to be used when launching all new instances. This image will now have the .dockercfg file baked-in.
6. Add the following to the User Data of your machine image:

#!/bin/bash
sudo docker run -p 3333:3333 -d --name Hello yourusername/hello

Now when you launch an instance based on your machine image your sudo docker run commands will succeed in pulling private repos provided the user you run the docker command under has a .dockercfg file in their home directory.

Hope that helps anyone looking to figure this out.

这篇关于如何通过私人Dockerhub repo自动运行码头服务器？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！