両方とも前のリビジョン 前のリビジョン 次のリビジョン | 前のリビジョン 次のリビジョン両方とも次のリビジョン |
linux:podman:simple-container-registry [2024/03/21 07:42] – [レジストリ構築] ともやん | linux:podman:simple-container-registry [2024/03/21 09:21] – [レジストリへのプッシュ/プル] ともやん |
---|
00:99:f1:8c:dd:3b:6e:53:8a:1d:79:47:03:d8:48: | 00:99:f1:8c:dd:3b:6e:53:8a:1d:79:47:03:d8:48: |
21:de:03:79:af:7c:0e:ff:e8:61:b2:48:45:a9:a5: | 21:de:03:79:af:7c:0e:ff:e8:61:b2:48:45:a9:a5: |
ee:bf:62:f5:c9:b3:9f:58:fd:8c:65:fa:bc:94:8c: | |
〜省略〜 | 〜省略〜 |
c1:a8:b5:88:11:d1:bc:75:27:98:4b:e5:e5:13:2c: | |
55:e2:18:94:81:a8:1c:06:6f:ba:fb:be:4a:a1:a4: | |
41:f8:cb:9c:f2:98:43:85:ab:86:80:27:cc:10:b8: | 41:f8:cb:9c:f2:98:43:85:ab:86:80:27:cc:10:b8: |
ac:5b:41 | ac:5b:41 |
68:9e:7f:a9:17:6e:86:83:16:fb:2b:45:7b:20:bb:5b:7e:7e: | 68:9e:7f:a9:17:6e:86:83:16:fb:2b:45:7b:20:bb:5b:7e:7e: |
c9:77:45:ce:f6:a2:05:c2:c5:cb:9f:22:2b:aa:90:2e:0d:e7: | c9:77:45:ce:f6:a2:05:c2:c5:cb:9f:22:2b:aa:90:2e:0d:e7: |
5a:6d:e9:09:24:3c:c8:1e:bd:43:14:c5:8c:45:0e:6d:66:93: | |
〜省略〜 | 〜省略〜 |
fe:45:49:e0:d3:e7:91:7c:c0:be:36:5f:c4:82:b2:90:5b:5b: | |
ae:c7:0b:d1:19:72:15:2d:67:db:fe:b7:d0:46:c0:87:dc:c1: | ae:c7:0b:d1:19:72:15:2d:67:db:fe:b7:d0:46:c0:87:dc:c1: |
aa:e9:3b:ce:e8:5c:11:e0 | aa:e9:3b:ce:e8:5c:11:e0 |
</WRAP> | </WRAP> |
| |
===== レジストリの起動 ===== | ===== レジストリの起動/停止 ===== |
| レジストリの起動🤔\\ |
<WRAP color_term> | <WRAP color_term> |
<WRAP color_command><html><pre> | <WRAP color_command><html><pre> |
<font color="#FF8700"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">podman</font> run <font color="#A347BA">-d</font> <font color="#A347BA">--restart</font> always <font color="#A347BA">--name</font> registry \ | <font color="#FF8700"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">podman</font> run <font color="#A347BA">-d</font> <font color="#A347BA">--restart</font> always <font color="#A347BA">--name</font> registry \ |
<font color="#A347BA">-p</font> 5000:5000 \ | <font color="#A347BA">-p</font> 5000:5000 \ |
<font color="#A347BA">-v</font> /var/lib/registry/data:/var/lib/registry:z \ | <font color="#A347BA">-v</font> /var/lib/registry/data:/var/lib/registry:z \ |
<font color="#A347BA">-v</font> /var/lib/registry/auth:/auth:z \ | <font color="#A347BA">-v</font> /var/lib/registry/auth:/auth:z \ |
<font color="#A347BA">-e</font> <font color="#A2734C">"REGISTRY_AUTH=htpasswd"</font> \ | <font color="#A347BA">-e</font> <font color="#A2734C">'REGISTRY_AUTH=htpasswd'</font> \ |
<font color="#A347BA">-e</font> <font color="#A2734C">"REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm"</font> \ | <font color="#A347BA">-e</font> <font color="#A2734C">'REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm'</font> \ |
<font color="#A347BA">-e</font> REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \ | <font color="#A347BA">-e</font> REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \ |
<font color="#A347BA">-v</font> /var/lib/registry/certs:/certs:z \ | <font color="#A347BA">-v</font> /var/lib/registry/certs:/certs:z \ |
<font color="#A347BA">-e</font> <font color="#A2734C">"REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt"</font> \ | <font color="#A347BA">-e</font> <font color="#A2734C">'REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt'</font> \ |
<font color="#A347BA">-e</font> <font color="#A2734C">"REGISTRY_HTTP_TLS_KEY=/certs/domain.key"</font> \ | <font color="#A347BA">-e</font> <font color="#A2734C">'REGISTRY_HTTP_TLS_KEY=/certs/domain.key'</font> \ |
<font color="#A347BA">-e</font> REGISTRY_COMPATIBILITY_SCHEMA1_ENABLED=true \ | <font color="#A347BA">-e</font> REGISTRY_COMPATIBILITY_SCHEMA1_ENABLED=true \ |
| <font color="#A347BA">-e</font> REGISTRY_STORAGE_DELETE_ENABLED=true \ |
docker.io/library/registry:2.8.3 | docker.io/library/registry:2.8.3 |
</pre></html></WRAP> | </pre></html></WRAP> |
</WRAP> | </WRAP> |
[[https://hub.docker.com/_/registry/tags|registry Tags | Docker Hub]] で最新バージョンを確認できる🤔\\ | [[https://hub.docker.com/_/registry/tags|registry Tags | Docker Hub]] で最新バージョンを確認できる🤔\\ |
| |
| レジストリを停止する場合...🤔\\ |
| <WRAP color_term> |
| <WRAP color_command><html><pre> |
| <font color="#FF8700"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">sh</font> <font color="#A347BA">-c</font> <font color="#A2734C">'podman stop registry && podman rm registry'</font> |
| </pre></html></WRAP> |
| </WRAP> |
| |
レジストリへのアクセス確認🤔\\ | レジストリへのアクセス確認🤔\\ |
Enter host password for user 'tomoyan': | Enter host password for user 'tomoyan': |
{"repositories":[]} | {"repositories":[]} |
| </pre></html></WRAP> |
| <WRAP color_result><html><pre> |
| registry |
| registry |
</pre></html></WRAP> | </pre></html></WRAP> |
</WRAP> | </WRAP> |
</WRAP> | </WRAP> |
| |
| プッシュする🤔\\ |
| <WRAP color_term> |
| <WRAP color_command><html><pre> |
| <font color="#FF8700"><b>$</b></font> <font color="#26A269">podman</font> push localhost/haruo_podman:0.01 wicked-beat:5000/haruo_podman:v0.01 |
| </pre></html></WRAP> |
| <WRAP color_result><html><pre> |
| Getting image source signatures |
| Copying blob 10650e391d43 done | |
| Copying blob aacbd0b4169c done | |
| Copying blob 80f811a7d4fe done | |
| Copying blob 53f86715cdba done | |
| Copying blob eb2eb8ccdc68 done | |
| Copying config f291a9bf30 done | |
| Writing manifest to image destination |
| </pre></html></WRAP> |
| </WRAP> |
| |
| プッシュされた内容を確認する🤔\\ |
| <WRAP color_term> |
| <WRAP color_command><html><pre> |
| <font color="#FF8700"><b>$</b></font> <font color="#26A269">podman</font> search wicked-beat:5000/ |
| </pre></html></WRAP> |
| <WRAP color_result><html><pre> |
| NAME DESCRIPTION |
| wicked-beat:5000/haruo_podman |
| </pre></html></WRAP> |
| </WRAP> |
| |
| 削除してみる🤔\\ |
| <WRAP color_term> |
| <WRAP color_command><html><pre> |
| <font color="#FF8700"><b>$</b></font> <font color="#26A269">skopeo</font> <font color="#A347BA">--debug</font> delete docker://wicked-beat:5000/haruo_podman:v0.01 |
| </pre></html></WRAP> |
| <WRAP color_result><html><pre> |
| <font color="#D0CFCC">DEBU</font>[0000] Using registries.d directory /etc/containers/registries.d |
| <font color="#D0CFCC">DEBU</font>[0000] Loading registries configuration "/etc/containers/registries.conf" |
| <font color="#D0CFCC">DEBU</font>[0000] Loading registries configuration "/etc/containers/registries.conf.d/000-shortnames.conf" |
| <font color="#D0CFCC">DEBU</font>[0000] Found credentials for wicked-beat:5000/haruo_podman in credential helper containers-auth.json in file /run/user/1000/containers/auth.json |
| <font color="#D0CFCC">DEBU</font>[0000] No signature storage configuration found for wicked-beat:5000/haruo_podman:v0.01, using built-in default file:///home/tomoyan/.local/share/containers/sigstore |
| <font color="#D0CFCC">DEBU</font>[0000] Looking for TLS certificates and private keys in /etc/docker/certs.d/wicked-beat:5000 |
| <font color="#D0CFCC">DEBU</font>[0000] GET https://wicked-beat:5000/v2/ |
| <font color="#D0CFCC">DEBU</font>[0000] Ping https://wicked-beat:5000/v2/ status 401 |
| <font color="#D0CFCC">DEBU</font>[0000] GET https://wicked-beat:5000/v2/haruo_podman/manifests/v0.01 |
| <font color="#D0CFCC">DEBU</font>[0000] DELETE https://wicked-beat:5000/v2/haruo_podman/manifests/sha256:f652ef85a8862285775a01c6dd279c35debd0b581c41e209875c3ab1d3ceacd7 |
| <font color="#D0CFCC">DEBU</font>[0000] Deleting /home/tomoyan/.local/share/containers/sigstore/haruo_podman@sha256=f652ef85a8862285775a01c6dd279c35debd0b581c41e209875c3ab1d3ceacd7/signature-1 |
| </pre></html></WRAP> |
| </WRAP> |
| |
| 削除しても消えないが、配布には使える🤪\\ |
| <WRAP color_term> |
| <WRAP color_command><html><pre> |
| <font color="#FF8700"><b>$</b></font> <font color="#26A269">podman</font> search wicked-beat:5000/ |
| </pre></html></WRAP> |
| <WRAP color_result><html><pre> |
| NAME DESCRIPTION |
| wicked-beat:5000/haruo_podman |
| </pre></html></WRAP> |
| </WRAP> |
| |
| プッシュしたら二度と消せない🤪\\ |
| コンテナ起動時に REGISTRY_STORAGE_DELETE_ENABLED=true も指定してるし、docker v2 API で DELETE も実行している🤔\\ |
| <WRAP color_term> |
| <WRAP color_command><html><pre> |
| <font color="#FF8700"><b>$</b></font> <font color="#26A269">skopeo</font> <font color="#A347BA">--debug</font> delete docker://wicked-beat:5000/haruo_podman:v0.01 |
| </pre></html></WRAP> |
| <WRAP color_result><html><pre> |
| <font color="#D0CFCC">DEBU</font>[0000] Using registries.d directory /etc/containers/registries.d |
| <font color="#D0CFCC">DEBU</font>[0000] Loading registries configuration "/etc/containers/registries.conf" |
| <font color="#D0CFCC">DEBU</font>[0000] Loading registries configuration "/etc/containers/registries.conf.d/000-shortnames.conf" |
| <font color="#D0CFCC">DEBU</font>[0000] Found credentials for wicked-beat:5000/haruo_podman in credential helper containers-auth.json in file /run/user/1000/containers/auth.json |
| <font color="#D0CFCC">DEBU</font>[0000] No signature storage configuration found for wicked-beat:5000/haruo_podman:v0.01, using built-in default file:///home/tomoyan/.local/share/containers/sigstore |
| <font color="#D0CFCC">DEBU</font>[0000] Looking for TLS certificates and private keys in /etc/docker/certs.d/wicked-beat:5000 |
| <font color="#D0CFCC">DEBU</font>[0000] GET https://wicked-beat:5000/v2/ |
| <font color="#D0CFCC">DEBU</font>[0000] Ping https://wicked-beat:5000/v2/ status 401 |
| <font color="#D0CFCC">DEBU</font>[0000] GET https://wicked-beat:5000/v2/haruo_podman/manifests/v0.01 |
| <font color="#C01C28">FATA</font>[0000] Unable to delete wicked-beat:5000/haruo_podman:v0.01. Image may not exist or is not stored with a v2 Schema in a v2 registry |
| </pre></html></WRAP> |
| </WRAP> |
| |
===== 参考文献 ===== | ===== 参考文献 ===== |
[[https://www.redhat.com/sysadmin/simple-container-registry|How to implement a simple personal/private Linux container image registry for internal use | Enable Sysadmin]] [[gtr>https://www.redhat.com/sysadmin/simple-container-registry|翻訳]]\\ | [[https://www.redhat.com/sysadmin/simple-container-registry|How to implement a simple personal/private Linux container image registry for internal use | Enable Sysadmin]] [[gtr>https://www.redhat.com/sysadmin/simple-container-registry|翻訳]]\\ |
[[https://thenewstack.io/tutorial-host-a-local-podman-image-registry/|Tutorial: Host a Local Podman Image Registry - The New Stack]] [[gtr>https://thenewstack.io/tutorial-host-a-local-podman-image-registry/|翻訳]]\\ | [[https://thenewstack.io/tutorial-host-a-local-podman-image-registry/|Tutorial: Host a Local Podman Image Registry - The New Stack]] [[gtr>https://thenewstack.io/tutorial-host-a-local-podman-image-registry/|翻訳]]\\ |
| |
| [[git>quay/quay|quay/quay: Build, Store, and Distribute your Applications and Containers]]\\ |
| [[https://github.com/quay/quay/blob/master/docs/quick-local-deployment.md|quay/docs/quick-local-deployment.md at master · quay/quay]]\\ |
| [[https://access.redhat.com/docum.entation/ja-jp/red_hat_quay/2.9/html-single/deploy_red_hat_quay_-_basic/index|Deploy Red Hat Quay - Basic Red Hat Quay 2.9 | Red Hat Customer Portal]] [[gtr>https://access.redhat.com/documentation/ja-jp/red_hat_quay/2.9/html-single/deploy_red_hat_quay_-_basic/index|翻訳]]\\ |
| |