Docker:什么是最简单的方式来保护私有注册表? [英] Docker: What is the simplest way to secure a private registry?
本文介绍了Docker:什么是最简单的方式来保护私有注册表?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我们搜索使用简单认证层部署私有Docker注册表的最简单方法
我发现:
- 此手册方式 http://www.activestate.com/blog/2014/01/deploying-your-own-private-docker-registry
- 和
shipyard / docker-private-registry
基于stackbrew /注册表的Docker映像,并通过Nginx添加基本身份验证 - https://github.com/shipyard/docker-private-registry
我认为使用
解决方案
我还在学习如何运行和使用Docker,考虑一下这个想法:
#在服务器上运行注册表,只允许localhost连接
doc ker run -p 127.0.0.1:5000:5000注册表
#在客户端上,安装ssh隧道
ssh -N -L 5000:localhost:5000 user @ server
然后,可以通过localhost:5000访问注册表,通过您可能已经知道和使用的ssh来完成身份验证。 >
资料来源:
- https://blog.codecentric.de/en/2014/02/docker-registry-run- private-docker-image-repository /
- https ://docs.docker.com/userguide/dockerlinks/
Our Docker images ship closed sources, we need to store them somewhere safe, using own private docker registry. We search the simplest way to deploy a private docker registry with a simple authentication layer.
I found :
- this manual way http://www.activestate.com/blog/2014/01/deploying-your-own-private-docker-registry
- and the
shipyard/docker-private-registry
docker image based on stackbrew/registry and adding basic auth via Nginx - https://github.com/shipyard/docker-private-registry
I think use shipyard/docker-private-registry
, but is there one another best way?
解决方案
I'm still learning how to run and use Docker, consider this an idea:
# Run the registry on the server, allow only localhost connection
docker run -p 127.0.0.1:5000:5000 registry
# On the client, setup ssh tunneling
ssh -N -L 5000:localhost:5000 user@server
The registry is then accessible at localhost:5000, authentication is done through ssh that you probably already know and use.
Sources:
- https://blog.codecentric.de/en/2014/02/docker-registry-run-private-docker-image-repository/
- https://docs.docker.com/userguide/dockerlinks/
这篇关于Docker:什么是最简单的方式来保护私有注册表?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文