docker

[kangkai124]

[kangkai124]

配置私有docker镜像库

1. hosts 添加配置

   xxx.xxx.xxx.xxx your-registry.com

2. 添加 ca.crt（mac环境）

   sudo mkdir /etc/docker/certs.d/test-docker-reg\:5000
   sudo cp ca.crt /etc/docker/certs.d/test-docker-reg\:5000/
   sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ca.crt

3. 重启 docker

参考：

https://blog.container-solutions.com/adding-self-signed-registry-certs-docker-mac

Distributing certificates to Linux Docker clients is pretty straightforward, as it just means copying the certificate to the correct directory (for the purposes of this post, I'm assuming you know how to create a self-signed cert for the registry):

sudo mkdir /etc/docker/certs.d/test-docker-reg\:5000
sudo cp ca.crt /etc/docker/certs.d/test-docker-reg\:5000/

With the Mac, however, things are a little different. The above solution doesn't work, as Docker for Mac relies on a internal VM whose filesystem gets wiped on restarts. The correct solution (thanks to Justin Cormack) is to add the certificate to the Mac's keychain, which will be picked up by Docker for Mac e.g:

sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ca.crt

You'll need to restart Docker for Mac for the change to take effect.

[kangkai124]

docker 命令图例