{"id":1867,"date":"2021-10-12T15:04:45","date_gmt":"2021-10-12T06:04:45","guid":{"rendered":"https:\/\/www.itchefblog.com\/?p=1867"},"modified":"2021-10-14T13:09:53","modified_gmt":"2021-10-14T04:09:53","slug":"private-docker-registry-%ec%bb%a8%ed%85%8c%ec%9d%b4%eb%84%88%eb%a1%9c-%ec%8b%a4%ed%96%89%ed%95%98%ea%b8%b0-%ec%a0%95%eb%a6%ac","status":"publish","type":"post","link":"https:\/\/www.itchefblog.com\/?p=1867","title":{"rendered":"Private Docker Registry\ub97c Docker container\ub85c \uc138\ud305\ud558\uae30"},"content":{"rendered":"\n

\ub0b4\uac00 \uae30\uc5b5\ud558\uae30 \ud3b8\ud558\ub3c4\ub85d \uc815\ub9ac\ud558\ub294 \uae00\uc774\ub77c \ud575\uc2ec\ub9cc \uc815\ub9ac\ud558\uace0 \uc788\uc74c.<\/p>\n\n\n\n

\uac1c\uc694.<\/strong>
\uac1c\uc778\uc801\uc778 or \uc0ac\ub0b4 \ud504\ub85c\uc81d\ud2b8\uc5d0 \uc0ac\uc6a9\ud558\ub294 \uc774\ubbf8\uc9c0\ub4e4\uc744 \ub3c4\ucee4\ud5c8\ube0c\uc5d0 public \uc73c\ub85c \uc62c\ub9b4\uc218\ub294 \uc5c6\uc73c\ub2c8 (\uc788\uc9c0\ub9cc \ub3c8\uc774 \ub4e0\ub2e4.) \ud504\ub77c\uc774\ube57 \ub808\uc9c0\uc2a4\ud2b8\ub9ac\ub97c \uc138\ud305\ud558\uc5ec \uc0ac\uc6a9\ud558\uae30 \uc704\ud568.

SSL \ubc0f \uc778\uc99d\uc744 \ucd94\uac00\ud558\uc5ec \ubcf4\uc548\uc5d0\ub3c4 \uc2e0\uacbd\uc744 \uc4f4\ub2e4. (IP Access Control\uae4c\uc9c0 \ud574\uc8fc\uba74 \ub354\uc6b1 \uc88b\ub2e4.)
\uc778\uc99d \ubd80\ubd84\uc740 registry \ucee8\ud14c\uc774\ub108 \ub0b4\ubd80\uc5d0\uc11c \uc9c4\ud589\ud558\uace0, SSL\uc740,,, \ucee8\ud14c\uc774\ub108 \ubc0f nginx\uc5d0\uc11c \ucc98\ub9ac.. (\uc911\ubcf5…?!)

\uc9c4\ud589.<\/strong>
1. registry\ub85c \uc0ac\uc6a9\ud560 \ub3c4\uba54\uc778\uc744 \uc11c\ubc84\uc640 \uc5f0\uacb0\ud574\uc90c (A record)
2. nginx\ub85c reverse proxy \uc138\ud305\uc744 \ud574\uc90c.
3. certbot \uc73c\ub85c \ub808\uc9c0\uc2a4\ud2b8\ub9ac\uc5d0 \uc0ac\uc6a9\ud560 \ub3c4\uba54\uc778 \uc778\uc99d\uc11c\ub97c \ubc1c\uae09\ud574\uc90c
4. \ub808\uc9c0\uc2a4\ud2b8\ub9ac\uc5d0\uc11c \uc0ac\uc6a9\ud560 htpasswd \uc778\uc99d\ud30c\uc77c\uc744 \uc0dd\uc131\ud574\uc90c

<br>docker run --rm --entrypoint htpasswd registry:2.7.0 -Bbn account_name account_password &gt;&gt; path\/.htpasswd<br><\/pre>
\uc704\uc640 \uac19\uc774 \uc2e4\ud589\ud574\uc8fc\uba74 registry:2.7.0 \ucee8\ud14c\uc774\ub108\ub97c \uc784\uc2dc\ub85c \ub744\uc6b0\uace0 htpasswd \ub85c \uc778\uc99d\uc815\ubcf4\ub97c \ub2f4\uc740 .htpasswd \ub97c path\uc5d0 \uc0dd\uc131\ud574\uc900\ub2e4. \uc791\uc5c5 \ud6c4 \ucee8\ud14c\uc774\ub108\ub294 \uc0ad\uc81c\ub418\ub3c4\ub85d –rm \uc635\uc158\uc774 \uc0ac\uc6a9\ub418\uc5c8\ub2e4.
5. \ub3c4\ucee4 \ub808\uc9c0\uc2a4\ud2b8\ub9ac\ub97c \uc544\ub798\uc758 \uc635\uc158\uacfc \ud568\uaed8 \uc2e4\ud589\ud574\uc900\ub2e4.
<br>docker run --name registry -it -d -p 5000:5000 --restart=always \\<br>-v \/path\/docker-registry\/auth:\/auth \\<br>-v \/path\/docker-registry:\/var\/lib\/registry \\<br>-v \/etc\/letsencrypt:\/certs \\<br>-e REGISTRY_HTTP_TLS_CERTIFICATE=\/certs\/live\/leckend-docker-registry.howbuild.com\/fullchain.pem \\<br>-e REGISTRY_HTTP_TLS_KEY=\/certs\/live\/leckend-docker-registry.howbuild.com\/privkey.pem \\<br>-e REGISTRY_AUTH=htpasswd \\<br>-e REGISTRY_AUTH_HTPASSWD_PATH=\/auth\/.htpasswd \\<br>-e REGISTRY_AUTH_HTPASSWD_REALM='Registry Realm' \\<br>registry<br><\/pre>

* \/certs\uc758 \ud638\uc2a4\ud2b8 \uacbd\ub85c\ub97c \/etc\/letsencrypt\ub85c \uc7a1\uc740 \uc774\uc720\ub294..
\ucc98\uc74c\uc5d0\ub294 live \ub514\ub809\ud1a0\ub9ac\ub97c \/certs\ub85c \uc9c0\uc815\ud588\ub294\ub370, live \ub0b4\uc5d0\ub294 \uc2ec\ubcfc\ub9ad\uc73c\ub85c \ub9c1\ud06c\uac00 \ub418\uc5b4\uc788\uae30\uc5d0 \uc2e4\uc81c\ub85c \uc778\uc99d\uc11c \ud30c\uc77c\uc744 \ubabb\uc77d\uc5b4\uc624\ub294 \ubb38\uc81c \ubc1c\uc0dd.
\uc2ec\ubcfc\ub9ad\uc774 \uc815\uc0c1\uc801\uc73c\ub85c \uc791\ub3d9\ud558\ub3c4\ub85d \ud558\uae30 \uc704\ud574 \/etc\/letsencrypt\ub97c \/certs \ub8e8\ud2b8\ub85c \uc138\ud305.
chown \uc73c\ub85c \uad8c\ud55c\uc124\uc815\ub3c4 \ubcc0\uacbd\ud574\uc918\uc57c\ud55c\ub2e4. (UID\/GID 1000) (\uc0ac\uc2e4 \ub1cc\ud53c\uc15c\ub85c \uc9c4\ud589\ud55c\uac70\ub77c \uc548\ud574\ub3c4 \ub420\uc9c0\ub3c4…)

** htpasswd -c, -m \ub4f1\uc73c\ub85c \uc0dd\uc131\ud55c \uc778\uc99d\uc815\ubcf4\ub294 \ube0c\ub77c\uc6b0\uc800\uc5d0\uc11c \uc791\ub3d9\ud558\uc9c0 \uc54a\uc558\ub2e4..
\uc704\uc5d0 -Bbn \uc635\uc158\uc73c\ub85c \uc0dd\uc131\ud55c \uacbd\uc6b0 \uc815\uc0c1\uc801\uc73c\ub85c \uc791\ub3d9 \ud655\uc778.<\/p>\n\n\n\n
<\/p>\n\n\n\n
\uc544\ub798\ub294 \ucc38\uace0\ud588\ub358 \ud3ec\uc2a4\ud2b8<\/p>\n\n\n\n
https:\/\/novemberde.github.io\/post\/2017\/04\/09\/Docker_Registry_0\/<\/a>
https:\/\/tech.madup.com\/docker-registry\/<\/a>
https:\/\/ikcoo.tistory.com\/60<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
\ub0b4\uac00 \uae30\uc5b5\ud558\uae30 \ud3b8\ud558\ub3c4\ub85d \uc815\ub9ac\ud558\ub294 \uae00\uc774\ub77c \ud575\uc2ec\ub9cc \uc815\ub9ac\ud558\uace0 \uc788\uc74c. \uac1c\uc694.\uac1c\uc778\uc801\uc778 or \uc0ac\ub0b4 \ud504\ub85c\uc81d\ud2b8\uc5d0 \uc0ac\uc6a9\ud558\ub294 \uc774\ubbf8\uc9c0\ub4e4\uc744 \ub3c4\ucee4\ud5c8\ube0c\uc5d0 public \uc73c\ub85c \uc62c\ub9b4\uc218\ub294 \uc5c6\uc73c\ub2c8 (\uc788\uc9c0\ub9cc \ub3c8\uc774 \ub4e0\ub2e4.) \ud504\ub77c\uc774\ube57 \ub808\uc9c0\uc2a4\ud2b8\ub9ac\ub97c \uc138\ud305\ud558\uc5ec \uc0ac\uc6a9\ud558\uae30 \uc704\ud568. SSL \ubc0f \uc778\uc99d\uc744 \ucd94\uac00\ud558\uc5ec \ubcf4\uc548\uc5d0\ub3c4 \uc2e0\uacbd\uc744 \uc4f4\ub2e4. (IP Access Control\uae4c\uc9c0 \ud574\uc8fc\uba74 \ub354\uc6b1 \uc88b\ub2e4.)\uc778\uc99d \ubd80\ubd84\uc740 registry \ucee8\ud14c\uc774\ub108 \ub0b4\ubd80\uc5d0\uc11c \uc9c4\ud589\ud558\uace0, SSL\uc740,,, \ucee8\ud14c\uc774\ub108 \ubc0f nginx\uc5d0\uc11c \ucc98\ub9ac.. (\uc911\ubcf5…?!) \uc9c4\ud589.1. registry\ub85c \uc0ac\uc6a9\ud560 \ub3c4\uba54\uc778\uc744 … <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[546,4],"tags":[552,553,554,541,547,548,549,550,551],"_links":{"self":[{"href":"https:\/\/www.itchefblog.com\/index.php?rest_route=\/wp\/v2\/posts\/1867"}],"collection":[{"href":"https:\/\/www.itchefblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.itchefblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.itchefblog.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.itchefblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1867"}],"version-history":[{"count":6,"href":"https:\/\/www.itchefblog.com\/index.php?rest_route=\/wp\/v2\/posts\/1867\/revisions"}],"predecessor-version":[{"id":1879,"href":"https:\/\/www.itchefblog.com\/index.php?rest_route=\/wp\/v2\/posts\/1867\/revisions\/1879"}],"wp:attachment":[{"href":"https:\/\/www.itchefblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1867"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.itchefblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1867"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.itchefblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1867"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}