step1: run registry
sudo docker run -d -p 5000:5000 --restart=always --name registry registry:2
step2: build your local image and push to your registry
docker tag ubuntu remote.ip.com:5000/ubuntu
docker push remote.ip.com:5000/ubuntu
Other: With your selef config file
$ cat config.yml
root@ip-172-20-61-78:/home/admin# cat config.yml
version: 0.1
log:
fields:
service: registry
storage:
cache:
blobdescriptor: inmemory
filesystem:
rootdirectory: /var/lib/registry
http:
addr: :5000
headers:
X-Content-Type-Options: [nosniff]
health:
storagedriver:
enabled: true
interval: 10s
threshold: 3
storage:
s3:
region: us-east-1
bucket: xxxx.xxx.xxx.xxxx
accesskey: awsaccesskey
secretkey: awssecretkey
keyid: mykeyid
secure: true
v4auth: true
$ docker run -d -p 5000:5000 --name registry --restart always -v `pwd`/config.yml:/etc/docker/registry/config.yml registry:2
# Or Just With Command below this
$ docker run -d -p 5000:5000 \
-e "REGISTRY_STORAGE=s3" \
-e "REGISTRY_STORAGE_S3_REGION=us-east-1" \
-e "REGISTRY_STORAGE_S3_BUCKET=BUCKETNAME" \
-e "REGISTRY_STORAGE_S3_ACCESSKEY=ACCESSKEY" \
-e "REGISTRY_STORAGE_S3_SECRETKEY=ACCESSSECRETKEY" \
registry:2
with s3, s3 setting policy you get your iam role arn, you can use aws iam get-user --user-name xxx to get it and then
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::ACCOUNT_ID:user/USERNAME"
},
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:ListBucketMultipartUploads"
],
"Resource": "arn:aws:s3:::BUCKET_NAME"
},
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::ACCOUNT_ID:user/USERNAME"
},
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject",
"s3:ListMultipartUploadParts",
"s3:AbortMultipartUpload"
],
"Resource": "arn:aws:s3:::BUCKET_NAME/*"
}
]
}
FAQ:
- http: server gave HTTP response to HTTPS client
change your local setting to allow this registry with
{ "insecure-registries":["api.useast1.k8s.btcc.shop:5000"] }, if you use mac, just add your remote ip with Perfences->Daemon->Add Insecure Registries.