the registry can be called from everywhere on https://registry.raphaelpiccolo.com/
basic auth & https
the registry can be called from the host itself on http://${vmip}:5000
no auth.
the registry can be called from the other containers on http://registry:5000
no auth.
the registry explorer will be accessible from here : https://webregistry.raphaelpiccolo.com/
basic auth & https
the docker compose file
registry:
restart: always
container_name: registry
image: registry:2
volumes:
- ./registry/data:/var/lib/registry
environment:
- REGISTRY_STORAGE_DELETE_ENABLED=true
labels:
- traefik.enable=true
- traefik.http.routers.registry.rule=Host(`registry.${DOMAIN}`)
- traefik.http.services.registry.loadbalancer.server.port=5000
- traefik.http.routers.registry.tls.certresolver=le
- traefik.http.routers.registry.entrypoints=websecure
- traefik.http.routers.registry.middlewares=securityheaders,admin
webregistry:
restart: always
container_name: webregistry
image: klausmeyer/docker-registry-browser
environment:
- DOCKER_REGISTRY_URL=https://registry.${DOMAIN}
- BASIC_AUTH_USER=admin
- BASIC_AUTH_PASSWORD=${PASSWORD}
labels:
- traefik.enable=true
- traefik.http.routers.webregistry.rule=Host(`webregistry.${DOMAIN}`)
- traefik.http.services.webregistry.loadbalancer.server.port=8080
- traefik.http.routers.webregistry.tls.certresolver=le
- traefik.http.routers.webregistry.entrypoints=websecure
- traefik.http.routers.webregistry.middlewares=securityheaders,admin
start all
docker-compose up -d
apt install gnupg2 pass
docker login -u admin -p ${PASSWORD} https://registry.raphaelpiccolo.com
docker pull ubuntu:16.04
docker tag ubuntu:16.04 registry.raphaelpiccolo.com/my-ubuntu
docker push registry.raphaelpiccolo.com/my-ubuntu
docker image remove ubuntu:16.04
docker image remove registry.raphaelpiccolo.com/my-ubuntu
docker pull registry.raphaelpiccolo.com/my-ubuntuhttps://registry.raphaelpiccolo.com/v2/_catalog https://registry.raphaelpiccolo.com/v2/my-ubuntu/tags/list
--dry-run makes it do nothing
docker exec -it registry bin/registry garbage-collect --dry-run /etc/docker/registry/config.yml
REGISTRY_STORAGE_DELETE_ENABLED=true
get image id
curl -v -H 'Accept: application/vnd.docker.distribution.manifest.v2+json' http://registry.raphaelpiccolo.com/v2/my-ubuntu/manifests/latest
In response headers, you have docker-content-digest: sha256:xxx
now delete it
curl -v -XDELETE http://registry.raphaelpiccolo.com/v2/my-ubuntu/manifests/sha256:d0c7239b63de7b92dc1b2bec3e790088c8541f33cd0a71504b4fdeb624087879
run garbage collector
docker exec -it registry bin/registry garbage-collect /etc/docker/registry/config.yml
remove the repo for real (the only way to remove it from the list of repos)
rm -rf ../registry/data/docker/registry/v2/repositories/