还存在的问题,如果通过nginx 转发推过去的镜像,在web页面显示比较慢,需要等定时任务发现了才能及时显示出来,如果通过b.p.xxx.cn:5000加端口push 的镜像就比较快显示出来。只影响到显示,不影响正常使用。
获取代码:git clone https://github.com/SUSE/Portus.git
cd Portus
vim docker-compose.yml
PS: portus 这个项目更换镜像的话,就需要重新创建管理员账号,既然不是保存在MYSQL里面的,奇葩。(所以下次mysql也直接用docker启就可以了)
模板:
version: '2'
services:
portus:
build: .
image: opensuse/portus:development #默认不是这个镜像,默认的镜像有BUG作者说改成这个可以正常运行
command: bash /srv/Portus/examples/development/compose/init
environment:
- PORTUS_MACHINE_FQDN_VALUE=b.p.xxx.cn #域名,认证使用
- PORTUS_PUMA_HOST=0.0.0.0:3000
- PORTUS_DB_HOST=db
- PORTUS_DB_PASSWORD=portus
- RAILS_SERVE_STATIC_FILES=true
ports:
- 3000:3000
links:
- db
volumes:
- .:/srv/Portus #这几个项目共用一份代码,否者授权的时候有异常,会出现不用登录也能获取镜像
crono:
image: opensuse/portus:development
command: ./bin/crono
depends_on:
- portus
environment:
- PORTUS_MACHINE_FQDN_VALUE=b.p.xxx.cn
- PORTUS_DB_HOST=db #域名,认证使用
- PORTUS_DB_PASSWORD=portus
volumes:
- .:/srv/Portus
links:
- db
webpack:
image: kkarczmarczyk/node-yarn:6.9-slim
command: bash /srv/Portus/examples/development/compose/bootstrap-webpack
working_dir: /srv/Portus
volumes:
- .:/srv/Portus
db:
image: library/mariadb:10.0.23
environment:
MYSQL_ROOT_PASSWORD: portus
registry:
image: library/registry:2.3.1
environment:
REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /registry_data
REGISTRY_STORAGE_DELETE_ENABLED: "true"
REGISTRY_HTTP_ADDR: 0.0.0.0:5000
REGISTRY_HTTP_DEBUG_ADDR: 0.0.0.0:5001
REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE: /etc/docker/registry/portus.crt
REGISTRY_AUTH_TOKEN_REALM: http://b.p.xxx.cn:3000/v2/token
REGISTRY_AUTH_TOKEN_SERVICE: b.p.xxx.cn:5000
REGISTRY_AUTH_TOKEN_ISSUER: b.p.xxx.cn
REGISTRY_NOTIFICATIONS_ENDPOINTS: >
- name: portus
url: http://b.p.xxx.cn:3000/v2/webhooks/events
timeout: 2000ms
threshold: 5
backoff: 1s
volumes:
- /registry_data:/registry_data #这个目录是保存仓库镜像的,挂载出来永久保存
- ./examples/development/compose/portus.crt:/etc/docker/registry/portus.crt:ro #这个是Portus的密钥,交互用的
ports:
- 5000:5000
- 5001:5001
links:
- portus
我使用的这个版本有BUG,进过查看日志,发现同时还需要修改文件:
vim config/config.yml
206 machine_fqdn:
207 value: "b.p.xxx.cn" #改成自己的地址
然后docker-compose up 启动即可。
访问web页面: b.p.xxx.cn:3000
需要填写仓库地址,两个都添加 b.p.xxx.cn:5000即可。
由于其他人访问需要经过https:下面给出 nginx + ssl 的配置
vim b.p.xxx.cn.conf
upstream klg-registry {
server registry:5000 weight=1;
}
server {
listen 443;
server_name b.p.xxx.cn;
ssl on;
ssl_certificate /nas/conf/tenginx/vhost/Nginx/1_b.p.xxx.cn_bundle.crt;
ssl_certificate_key /nas/conf/tenginx/vhost/Nginx/2_b.p.xxx.cn.key;
location /{
client_max_body_size 10000m;
proxy_pass http://klg-registry;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
access_log /var/log/tenginx/b.p.xxx.cn.log access;
}
我的实例:
version: '2'
services:
portus:
hostname: portus
image: r.p.xxx.cn/registry:portus2
environment:
- PORTUS_MACHINE_FQDN_VALUE=b.p.xxx.cn
- PORTUS_PUMA_HOST=0.0.0.0:3000
- PORTUS_DB_HOST=192.168.0.1
- PORTUS_DB_PASSWORD=portus
- RAILS_SERVE_STATIC_FILES=true
ports:
- 3000:3000
volumes:
- /opt/Portus:/srv/Portus
crono:
image: r.p.xxx.cn/registry:crono-new
depends_on:
- portus
environment:
- PORTUS_MACHINE_FQDN_VALUE=b.p.xxx.cn
- PORTUS_DB_HOST=192.168.0.1
- PORTUS_DB_PASSWORD=portus
volumes:
- /opt/Portus:/srv/Portus
webpack:
image: r.p.xxx.cn/registry:webpack-new
working_dir: /srv/Portus
volumes:
- /opt/Portus:/srv/Portus
registry:
image: r.p.xxx.cn/registry:registry2-new
hostname: registry
environment:
REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /registry_data
REGISTRY_STORAGE_DELETE_ENABLED: "true"
REGISTRY_HTTP_ADDR: 0.0.0.0:5000
REGISTRY_HTTP_DEBUG_ADDR: 0.0.0.0:5001
REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE: /etc/docker/registry/portus.crt
REGISTRY_AUTH_TOKEN_REALM: http://b.p.xxx.cn:3000/v2/token
REGISTRY_AUTH_TOKEN_SERVICE: b.p.xxx.cn:5000
REGISTRY_AUTH_TOKEN_ISSUER: b.p.xxx.cn
REGISTRY_NOTIFICATIONS_ENDPOINTS: >
- name: portus
url: http://b.p.xxx.cn:3000/v2/webhooks/events
timeout: 2000ms
threshold: 5
backoff: 1s
volumes:
- /registry_data:/registry_data
- /opt/Portus/examples/development/compose/portus.crt:/etc/docker/registry/portus.crt:ro
ports:
- 5000:5000
- 5001:5001
links:
- portus