DOF201 - Stocker les Images Docker

• DOF201 - Stocker les Images Docker
  • Contenu du Module
  • LAB #1 - Utilisation de l'Infrastructure
    • 1.1 - Formations en Face-à-Face Pédagogique (FFP)
    • 1.2 - Formations à Distance (FAD)
      • Linux, MacOS et Windows 10 muni du client ssh
      • Windows 7 et Windows 10 sans client ssh
      • Lancement de la Machine Virtuelle Debian_9
    • 1.3 - Connexion à la Machine Virtuelle
      • Linux, MacOS, Windows 10 muni du client ssh et FAD
      • Windows 7 et Windows 10 sans client ssh en FFP
  • LAB #2 - Installer un Registre Privé
    • Installer docker
    • Préparation
    • 2.1 - Créer un Registre local,
    • 2.2 - Créer un Serveur de Registre Dédié
      • Configurer le clone comme Registre Dédié
      • Configurer le Client

Si vous suivez cette formation en Centre de Formation, vous avez besoin d'importer la machine virtuelle qui vous a été fournie.

Ouvrez VirtualBox et importez la machine virtuelle Debian_9 :

Fichier > Importer un appareil virtuel ...

La machine virtuelle a été configurée ainsi :

Démarrez ensuite la machine virtuelle Debian_9.

Vous disposez d'un serveur dédié, pré-installé, pré-configuré et hébergé dans le cloud.

Connectez-vous en ssh à votre serveur dédié :

Ouvrez un terminal ou CMD et tapez la commande suivante :

$ ssh -l desktop serverXX.ittraining.network

où XX représente le numéro de votre serveur dédié. Entrez ensuite le mot de passe qui vous a été fourni.

Ouvrez putty et utilisez les informations suivantes pour vous connecter à votre serveur dédié :

• Host Name –> serverXX.ittraining.network
• Port –> 22

Au prompt, connectez-vous en tant que desktop avec le mot de passe qui vous a été fourni.

La machine virtuelle a été configurée ainsi :

Pour lancer la machine Debian_9, utilisez la commande suivante à partir de votre serveur dédié :

desktop@server16:~$ VBoxManage startvm Debian_9 --type headless
Waiting for VM "Debian_9" to power on...
VM "Debian_9" has been successfully started.

Les noms d'utilisateurs et les mots de passe sont :

Vous devez vous connecter à la machine virtuelle Debian_9 d'une des deux façons suivantes :

Ouvrez un terminal et tapez la commande suivante pour vous connecter à la machine Debian_9 :

$ ssh -l trainee localhost -p 2022

Ouvrez putty et utilisez les informations suivantes pour vous connecter à Debian_9 :

• Host Name –> localhost
• Port –> 2022

Docker n'est pas dans le dépôts de Debian. Afin de l'installer il convient d'ajouter le dépôt de docker. Premièrement, il est nécessaire d'installer les paquets permettant à Debian d'utiliser un dépôt en https :

root@debian9:~# apt-get update
...
root@debian9:~# apt-get install apt-transport-https ca-certificates curl gnupg2 software-properties-common
Reading package lists... Done
Building dependency tree       
Reading state information... Done
ca-certificates is already the newest version.
ca-certificates set to manually installed.
gnupg2 is already the newest version.
gnupg2 set to manually installed.
The following extra packages will be installed:
  libcurl3 python3-dbus python3-software-properties unattended-upgrades
Suggested packages:
  python-dbus-doc python3-dbus-dbg
The following NEW packages will be installed:
  apt-transport-https curl libcurl3 python3-dbus python3-software-properties
  software-properties-common unattended-upgrades
0 upgraded, 7 newly installed, 0 to remove and 1 not upgraded.
Need to get 960 kB of archives.
After this operation, 2,344 kB of additional disk space will be used.
Do you want to continue? [Y/n] 

Téléchargez la clef GPG officielle de docker :

root@debian9:~# curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -
OK

Vérifiez que l'ID de la clef est 9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88 :

root@debian9:~# apt-key fingerprint 0EBFCD88
/etc/apt/trusted.gpg
--------------------
pub   4096R/0EBFCD88 2017-02-22
      Key fingerprint = 9DC8 5822 9FC7 DD38 854A  E2D8 8D81 803C 0EBF CD88
uid                  Docker Release (CE deb) <docker@docker.com>
sub   4096R/F273FCD8 2017-02-22
...

Ajoutez le dépôt stable de docker :

root@debian9:~# add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable"

Installez maintenant le paquet docker-ce :

root@debian9:~# apt-get update
...
root@debian9:~# apt-get install docker-ce
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following extra packages will be installed:
  aufs-tools cgroupfs-mount git git-man libapparmor1 liberror-perl
  libnih-dbus1 libnih1 makedev mountall plymouth rsync
Suggested packages:
  git-daemon-run git-daemon-sysvinit git-doc git-el git-email git-gui gitk
  gitweb git-arch git-cvs git-mediawiki git-svn plymouth-themes
The following NEW packages will be installed:
  aufs-tools cgroupfs-mount docker-ce git git-man libapparmor1 liberror-perl
  libnih-dbus1 libnih1 makedev mountall plymouth rsync
0 upgraded, 13 newly installed, 0 to remove and 99 not upgraded.
Need to get 26.5 MB of archives.
After this operation, 123 MB of additional disk space will be used.
Do you want to continue? [Y/n] 

Dernièrement, vérifiez la version de Docker client et serveur :

root@debian9:~# docker version
Client: Docker Engine - Community
 Version:           19.03.4
 API version:       1.40
 Go version:        go1.12.10
 Git commit:        9013bf583a
 Built:             Fri Oct 18 15:52:34 2019
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          19.03.4
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.12.10
  Git commit:       9013bf583a
  Built:            Fri Oct 18 15:51:05 2019
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.2.10
  GitCommit:        b34a5c8af56e510852c35414db4c1f4fa6172339
 runc:
  Version:          1.0.0-rc8+dev
  GitCommit:        3e425f80a8c931f88e6d94a8c831b9d5aa481657
 docker-init:
  Version:          0.18.0
  GitCommit:        fec3683

Re-démarrez la machine virtuelle avant de poursuivre :

root@debian9:~# shutdown -r now

Créez un répertoire nommé myDocker :

root@debian9:~/mongodb# mkdir ~/myDocker
root@debian9:~/mongodb# cd ~/myDocker
root@debian9:~/myDocker# 

Créez le fichier myEntrypoint.sh :

root@debian9:~/myDocker# vi myEntrypoint.sh
root@debian9:~/myDocker# cat myEntrypoint.sh 
#!/bin/bash
if [ -z "$myVariable" ]; then
	echo "La variable myVariable doit être renseignée"
	return 1
fi

while true;
do
	echo $1 \($(date +%H:%M:%S)\);
	sleep "$myVariable";
done

Testez ce script :

root@debian9:~/myDocker# myVariable=3 . ./myEntrypoint.sh salut
salut (20:04:39)
salut (20:04:42)
salut (20:04:45)
salut (20:04:48)
salut (20:04:51)
^C
root@debian9:~/myDocker# 

Rendez ce script exécutable :

root@debian9:~/myDocker# chmod u+x myEntrypoint.sh 

Créez maintenant le fichier Dockerfile dans le répertoire ~/myDocker :

root@debian9:~/myDocker# vi Dockerfile
root@debian9:~/myDocker# cat Dockerfile
FROM centos:latest
MAINTAINER i2tch "infos@i2tch.eu"
COPY myEntrypoint.sh /entrypoint.sh
ENV myVariable 3
ENTRYPOINT ["/entrypoint.sh"]
CMD ["mycommand"]

Générez maintenant l'image :

root@debian9:~/myDocker# docker build -t i2tch/mydocker .
Sending build context to Docker daemon  3.072kB
Step 1/6 : FROM centos:latest
 ---> 9f38484d220f
Step 2/6 : MAINTAINER i2tch "infos@i2tch.eu"
 ---> Running in 02c700ed04da
Removing intermediate container 02c700ed04da
 ---> 4274107d52e2
Step 3/6 : COPY myEntrypoint.sh /entrypoint.sh
 ---> 7a3923372768
Step 4/6 : ENV myVariable 3
 ---> Running in 3288bf6291ad
Removing intermediate container 3288bf6291ad
 ---> 3edb630c1511
Step 5/6 : ENTRYPOINT ["/entrypoint.sh"]
 ---> Running in 8dcba2c41520
Removing intermediate container 8dcba2c41520
 ---> 11962052539c
Step 6/6 : CMD ["mycommand"]
 ---> Running in f891fbcfaad0
Removing intermediate container f891fbcfaad0
 ---> 7925ba23abb2
Successfully built 7925ba23abb2
Successfully tagged i2tch/mydocker:latest

Pour installer un registre privé, il convient d'utiliser une image publique de docker :

root@debian9:~/bestp# cd ..
root@debian9:~# docker run -d --name registry -p 88:5000 registry:2.0
Unable to find image 'registry:2.0' locally
2.0: Pulling from library/registry
4d2e9ae40c41: Pull complete 
a3ed95caeb02: Pull complete 
7c8152785df5: Pull complete 
8b04aafd7cd8: Pull complete 
c97c75d2d42e: Pull complete 
4b3ef98bba76: Pull complete 
edee0288d356: Pull complete 
ea2a9399d365: Pull complete 
ddf532273b60: Pull complete 
e9e91aa1843e: Pull complete 
6144b0ffbb4c: Pull complete 
Digest: sha256:3cac1869696e4ff3435bbc30391749ac373f7471736dbb48dfa9bfde08c4efd2
Status: Downloaded newer image for registry:2.0
c4c7cad999cdd77df78a21897bd11c4742a094c1c76a2134fbe4a4d2d92bff0e

Utilisez maintenant lynx à partir d'un terminal de votre machine hôte pour vérifier que le régistre est actif :

root@debian9:~# lynx --dump http://localhost:88/v2
{}root@debian9:~# 

Renommez l'image i2tch/mydocker afin de pointer vers le nouveau registre :

root@debian9:~# docker tag i2tch/mydocker localhost:88/mydocker

Envoyez votre image localhost:88/mydocker sur ce nouveau registre :

root@debian9:~# docker push localhost:88/mydocker
The push refers to a repository [localhost:88/mydocker]
873a8ac77d4d: Pushed 
b362758f4793: Pushed 
latest: digest: sha256:30866da81d92d2a1015b869c596ddd6e188f33894c41d8effa2161e5c2862b1f size: 5531

Constatez maintenant la présence de l'image dans le registre :

root@debian9:~# lynx --dump http://localhost:88/v2/mydocker/tags/list
{"name":"mydocker","tags":["latest"]}

root@debian9:~# docker images
REPOSITORY              TAG                 IMAGE ID            CREATED             SIZE
testcache               latest              c3b03bddaaad        18 minutes ago      120MB
<none>                  <none>              1df8c3603628        23 minutes ago      120MB
i2tch/mydocker          latest              c37edbd43993        45 minutes ago      193MB
localhost:88/mydocker   latest              c37edbd43993        45 minutes ago      193MB
i2tch/mongodb2          latest              65e81f78c0f5        12 hours ago        240MB
i2tch/mongodb1          latest              2de862819e94        12 hours ago        240MB
i2tch/mongodb           latest              01c4aa152be2        12 hours ago        1.04GB
ubuntu                  latest              ccc7a11d65b1        3 weeks ago         120MB
centos                  latest              328edcd84f1b        4 weeks ago         193MB
nginx                   latest              b8efb18f159b        6 weeks ago         107MB
debian                  wheezy-slim         884ca0b949e5        6 weeks ago         46.9MB
hello-world             latest              1815c82652c0        2 months ago        1.84kB
registry                2.0                 3bccd459597f        2 years ago         549MB

Actuellement, le registre privé créé ci-dessus n'est pas accessible à partir du réseau local car il est référencé par localhost. Il convient donc maintenant de mettre en place un serveur dédié.

Vérifiez que votre machine virtuelle Debian_9 est allumée :

desktop@server16:~$ VBoxManage list runningvms
"Debian_9" {0ab64831-56fb-4f1b-95cc-d6e107451742}

Placez Debian_9 dans le réseau NAT NatNetwork :

desktop@server16:~$ VBoxManage controlvm Debian_9 nic1 natnetwork NatNetwork

Si vous obtenez une erreur lors de l'exécution de la dernière commande, créez le réseau nat NatNetwork. Sinon passez à l'étape suivante :

desktop@server16:~$ VBoxManage natnetwork add --netname NatNetwork --network "10.0.2.0/24" --enable
desktop@server16:~$ VBoxManage natnetwork modify --netname NatNetwork --dhcp on
desktop@server16:~$ VBoxManage natnetwork start --netname NatNetwork

Arrêtez la VM Debian_9 :

desktop@server16:~$ VBoxManage controlvm Debian_9 poweroff
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%

Créez un clone de la VM Debian_9 appelé Registry :

desktop@server16:~$ VBoxManage clonevm Debian_9 --name="Registry" --register --mode=all
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
Machine has been successfully cloned as "Registry"

Vérifiez la présence de votre clône :

desktop@server16:~$ VBoxManage list vms
"Ansible" {73241c69-0827-431c-a25b-756ac6ac722c}
"CentOS_7" {2a6e6280-9c56-40eb-b04a-a96f397c82de}
"Debian_9" {0ab64831-56fb-4f1b-95cc-d6e107451742}
"Manager" {f1b9be7c-5cdf-459a-a47a-21cfac927966}
"TargetA" {66583f4a-fa27-4db5-b12f-05f36902b1ab}
"TargetB" {4819e950-8477-42b5-912d-6fe67cb88b9c}
"Web01" {f14ef311-8b34-4850-99a4-12d3ef24e63b}
"Web02" {62522626-8415-4810-a7c6-6c8fdb5dfef8}
"Web03" {16d9bf94-bfa0-46ea-9c5b-5dece023b073}
"Web04" {986e91a0-50e8-4170-8055-ba8ca5f0dcb3}
"Windows10" {c3c63823-af86-4cf3-9fb7-1e215e7b662a}
"Worker1" {a924df56-20d4-4638-a4d9-67a1a019591c}
"Worker2" {25fae873-dbba-4332-961f-24077cee5310}
"Debian_9_1" {38603f72-6cae-4186-a5ed-648e900cf398}
"Registry" {aac92847-6833-494a-8ca6-0c403a7a249a}

Démarrez la machine virtuelle Registry :

desktop@server16:~$ VBoxManage startvm Registry --type headless

Configurez votre clone en réseau NAT :

desktop@server16:~$ VBoxManage controlvm Registry nic1 nat

Connectez-vous à votre clone :

desktop@server16:~$ ssh -l trainee localhost -p 2022
trainee@localhost's password: trainee

En tant que root, modifiez le nom d'hôte de la machine !

trainee@debian9:~$ su -
Mot de passe : fenestros
root@debian9:~# nmcli general hostname registry
root@debian9:~# hostname
registry

Configurez une adresse IP fixe pour la VM Registry :

root@debian9:~# nmcli connection add con-name ip_fixe ifname enp0s3 type ethernet ip4 10.0.2.4/24 gw4 10.0.2.2
Connexion « ip_fixe » (a84f9227-dd89-4e06-957f-cb707e83fd47) ajoutée avec succès.
root@debian9:~# nmcli connection mod ip_fixe ipv4.dns 8.8.8.8
root@debian9:~# nmcli connection up ip_fixe

Fermez le terminal et reconnectez-vous à votre serveur. Vérifiez que seule la VM Registry soit allumée :

desktop@server16:~$ VBoxManage list runningvms
"Registry" {aac92847-6833-494a-8ca6-0c403a7a249a}

Coonectez-vous à la VM Registry :

desktop@server16:~$ ssh -l trainee localhost -p 2022
trainee@localhost's password: trainee

Vérifiez la prise en compte de la modification de l'adresse IP :

trainee@registry:~$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:3b:0a:87 brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.4/24 brd 10.0.2.255 scope global enp0s3
       valid_lft forever preferred_lft forever
    inet6 fe80::eaaa:3c18:9e20:768b/64 scope link 
       valid_lft forever preferred_lft forever

Sortez de la VM Registry :

trainee@registry:~$ exit
déconnexion
Connection to localhost closed.

Remettez la VM Registry dans le réseau NAT NatNetwork :

desktop@server16:~$ VBoxManage controlvm Registry nic1 natnetwork NatNetwork

Configurez la redirection des ports dans le réseau NAT NatNetwork :

desktop@server16:~$ VBoxManage natnetwork modify --netname NatNetwork --port-forward-4 "Docker_Debian_9:tcp:[]:2022:[10.0.2.15]:22"
desktop@server16:~$ VBoxManage natnetwork modify --netname NatNetwork --port-forward-4 "Docker_Registry:tcp:[]:4022:[10.0.2.4]:22"

Connectez-vous à la VM Registry :

desktop@server16:~$ ssh -l trainee localhost -p 4022
trainee@localhost's password: trainee
Linux registry 4.9.0-8-amd64 #1 SMP Debian 4.9.130-2 (2018-10-27) x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Fri Apr 17 15:36:25 2020 from 10.0.2.2
trainee@registry:~$ su -
Mot de passe : fenestros
root@registry:~#

Editez le fichier /etc/hosts :

root@registry:~# vi /etc/hosts
root@registry:~# cat /etc/hosts
127.0.0.1	localhost
127.0.1.1	debian9.i2tch.loc   	debian9
10.0.2.4	myregistry.i2tch.loc    myregistry
10.0.2.15   debian9.i2tch.loc       debian9

# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

Créez maintenant un certificat auto-signé avec openssl :

root@registry:~# cd / && mkdir certs && openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key -x509 -days 365 -out certs/domain.crt
Generating a 4096 bit RSA private key
............................................................++
.......................................................................................................................................++
writing new private key to 'certs/domain.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:FR
State or Province Name (full name) [Some-State]:VAR
Locality Name (eg, city) []:Toulon
Organization Name (eg, company) [Internet Widgits Pty Ltd]:I2TCH LTD
Organizational Unit Name (eg, section) []:TRAINING
Common Name (e.g. server FQDN or YOUR name) []:myregistry
Email Address []:
root@registry:/# ls certs/
domain.crt  domain.key

Supprimez le conteneur registry :

root@registry:/# docker rm registry
registry

Créez un conteneur en mode sécurisé avec TLS à partir de l'image registry :

root@registry:/# docker run -d -p 5000:5000 --name registry -v `pwd`/certs:/certs -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key registry:2.0
943c01b67cf3f461270a55ac3d9df6622cc9d74e5f272e17153183ff29ee5932
root@debian9:/# 

root@registry:/# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                        PORTS                    NAMES
943c01b67cf3        registry:2.0        "registry cmd/regi..."   31 seconds ago      Up 24 seconds                 0.0.0.0:5000->5000/tcp   registry
ea239635e141        testcache           "more /tmp/moment"       40 minutes ago      Exited (0) 40 minutes ago                              test1
21b0490a93dd        i2tch/mydocker      "/entrypoint.sh my..."   About an hour ago   Exited (137) 18 minutes ago                            myDocker
b9773e4aa06d        i2tch/mongodb2      "docker-entrypoint..."   2 hours ago         Exited (0) 18 minutes ago                              mongo2
bdb4bc0f81de        i2tch/mongodb1      "docker-entrypoint..."   12 hours ago        Created                       27017/tcp                mongo1
f5b45072b831        i2tch/mongodb       "bash"                   13 hours ago        Exited (137) 18 minutes ago                            mongo
9731a48f126a        nginx               "nginx -g 'daemon ..."   13 hours ago        Exited (0) 18 minutes ago                              cocky_gates
eacd70596e23        nginx               "nginx -g 'daemon ..."   13 hours ago        Exited (0) 13 hours ago                                adoring_yonath
cffb4456e9c4        ubuntu              "/bin/bash"              14 hours ago        Exited (0) 14 hours ago                                i2tch

Supprimez le conteneur registry :

root@debian9:~# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                     PORTS               NAMES
c4c7cad999cd        registry:2.0        "registry cmd/regi..."   4 hours ago         Exited (2) 4 hours ago                         registry
ea239635e141        testcache           "more /tmp/moment"       4 hours ago         Exited (0) 4 hours ago                         test1
21b0490a93dd        i2tch/mydocker      "/entrypoint.sh my..."   4 hours ago         Exited (137) 4 hours ago                       myDocker
b9773e4aa06d        i2tch/mongodb2      "docker-entrypoint..."   5 hours ago         Exited (0) 4 hours ago                         mongo2
bdb4bc0f81de        i2tch/mongodb1      "docker-entrypoint..."   16 hours ago        Created                    27017/tcp           mongo1
f5b45072b831        i2tch/mongodb       "bash"                   16 hours ago        Exited (137) 4 hours ago                       mongo
9731a48f126a        nginx               "nginx -g 'daemon ..."   16 hours ago        Exited (0) 4 hours ago                         cocky_gates
eacd70596e23        nginx               "nginx -g 'daemon ..."   17 hours ago        Exited (0) 17 hours ago                        adoring_yonath
cffb4456e9c4        ubuntu              "/bin/bash"              17 hours ago        Exited (0) 17 hours ago                        i2tch
root@debian9:~# docker rm registry
registry
root@debian9:~# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                     PORTS               NAMES
ea239635e141        testcache           "more /tmp/moment"       4 hours ago         Exited (0) 4 hours ago                         test1
21b0490a93dd        i2tch/mydocker      "/entrypoint.sh my..."   4 hours ago         Exited (137) 4 hours ago                       myDocker
b9773e4aa06d        i2tch/mongodb2      "docker-entrypoint..."   5 hours ago         Exited (0) 4 hours ago                         mongo2
bdb4bc0f81de        i2tch/mongodb1      "docker-entrypoint..."   16 hours ago        Created                    27017/tcp           mongo1
f5b45072b831        i2tch/mongodb       "bash"                   16 hours ago        Exited (137) 4 hours ago                       mongo
9731a48f126a        nginx               "nginx -g 'daemon ..."   16 hours ago        Exited (0) 4 hours ago                         cocky_gates
eacd70596e23        nginx               "nginx -g 'daemon ..."   17 hours ago        Exited (0) 17 hours ago                        adoring_yonath
cffb4456e9c4        ubuntu              "/bin/bash"              17 hours ago        Exited (0) 17 hours ago                        i2tch

ainsi que l'image du registry :

root@debian9:~# docker images
REPOSITORY              TAG                 IMAGE ID            CREATED             SIZE
testcache               latest              c3b03bddaaad        4 hours ago         120MB
<none>                  <none>              1df8c3603628        4 hours ago         120MB
i2tch/mydocker          latest              c37edbd43993        5 hours ago         193MB
localhost:88/mydocker   latest              c37edbd43993        5 hours ago         193MB
<none>                  <none>              d6b51963df8d        5 hours ago         193MB
i2tch/mongodb2          latest              65e81f78c0f5        16 hours ago        240MB
i2tch/mongodb1          latest              2de862819e94        16 hours ago        240MB
i2tch/mongodb           latest              01c4aa152be2        16 hours ago        1.04GB
ubuntu                  latest              ccc7a11d65b1        3 weeks ago         120MB
centos                  latest              328edcd84f1b        4 weeks ago         193MB
nginx                   latest              b8efb18f159b        6 weeks ago         107MB
debian                  wheezy-slim         884ca0b949e5        6 weeks ago         46.9MB
hello-world             latest              1815c82652c0        2 months ago        1.84kB
registry                2.0                 3bccd459597f        2 years ago         549MB

root@debian9:~# docker rmi registry:2.0
Untagged: registry:2.0
Untagged: registry@sha256:3cac1869696e4ff3435bbc30391749ac373f7471736dbb48dfa9bfde08c4efd2
Deleted: sha256:3bccd459597f38e78ce95a408e506099644ca713d79157d2f3e3a7975f1c9146
Deleted: sha256:e486d081a2821af119adbc458214cacf510ebb519cdf31e04ac3d4c6ac521c31
Deleted: sha256:d206757aba612d90965729f186dfb70aa5e63b53dafd7e7b20a76005acddfe24
Deleted: sha256:1b953394add763fbaa50446b03d636f453fa75b2d12676ceb4b71681b4da6e7d
Deleted: sha256:e8a2cacb793cb843e35bbf64e9c73d685d83ecc8192fbdbc098b0e5fbcced848
Deleted: sha256:19eec9bf8dcc3cb15b93cdcff717057444c540ee641cf20b7ef647d19b9d1df4
Deleted: sha256:2fb6f2d834e4dd55a7a6bb1472f5c293242e6439982332143d7332642a238d40
Deleted: sha256:e08b039d73e73f17b3fa02ebf9a28ef156a7b43b828cd67ed422b9d7a01e5482
Deleted: sha256:bd85e070a996530cc5f576bc5f56a0e3a159e00091410987416844de6e018415
Deleted: sha256:6269effe5aa88dfc0071a2841605d95c0d809111333b5044b2459b43e5879f44
Deleted: sha256:784ff50f126370cb3be928cd14a078605990efda458e73ad43f2a2e40e1efda2
Deleted: sha256:29efd197b6056e252ebb46fe1b315489c2f8e032eb32d1f6fcd0119ee9536df7
Deleted: sha256:3d42e373d713bfab9403159f282ba4cfaa7b4f33e57d5e36d4d2ca0ca1a2f4e7
Deleted: sha256:518c6772b2fc316c63e9f4f9745e3587f169ec916fd26749b0ce7bf1f36bb93b
Deleted: sha256:e74bff63859c2597691fffd6fe95b35b0803f6791bc6565072bf07067574dba3
Deleted: sha256:f76baad394e6d835fa0e166254e9f70af873fe43232c67ac198a67865084ccee
Deleted: sha256:b0eba742532f664bab6fc6d5bd00c60141397ba299f6743457f7ead64d7c714d
Deleted: sha256:c10c49233bc62ce69aafa1a44a62d8639a7be08d68b1c23d6b25ebb13e5324b0
Deleted: sha256:1c8e9ba14469736fa03ede127e47f5821ca97b3029385ec1348e87932c875ff8
Deleted: sha256:611f5c9e21fce8d870f9ba82248980ca3baaaf95afef2b17504372d1ca03cb5a
Deleted: sha256:4cb1abe123254326dba72305ef897fdf5364ebb1823413e13dbced41990f951e
Deleted: sha256:e10e5ea91f007db418b284f4adc5f0b98f374d79ae52b9687b0d6d33865ffbcf
Deleted: sha256:c69ae1aa46985cbaf186b6354c61a1d2e0d6af47133db47bf04f0c6eb9c858e9

root@debian9:~# docker images
REPOSITORY              TAG                 IMAGE ID            CREATED             SIZE
testcache               latest              c3b03bddaaad        4 hours ago         120MB
<none>                  <none>              1df8c3603628        4 hours ago         120MB
i2tch/mydocker          latest              c37edbd43993        5 hours ago         193MB
localhost:88/mydocker   latest              c37edbd43993        5 hours ago         193MB
<none>                  <none>              d6b51963df8d        5 hours ago         193MB
i2tch/mongodb2          latest              65e81f78c0f5        16 hours ago        240MB
i2tch/mongodb1          latest              2de862819e94        16 hours ago        240MB
i2tch/mongodb           latest              01c4aa152be2        16 hours ago        1.04GB
ubuntu                  latest              ccc7a11d65b1        3 weeks ago         120MB
centos                  latest              328edcd84f1b        4 weeks ago         193MB
nginx                   latest              b8efb18f159b        6 weeks ago         107MB
debian                  wheezy-slim         884ca0b949e5        6 weeks ago         46.9MB
hello-world             latest              1815c82652c0        2 months ago        1.84kB

Renommez l'image i2tch/mydocker afin de pointer vers le serveur de registre :

root@debian9:~# docker tag i2tch/mydocker myregistry:5000/mydocker
root@debian9:~# docker images
REPOSITORY                 TAG                 IMAGE ID            CREATED             SIZE
testcache                  latest              c3b03bddaaad        4 hours ago         120MB
<none>                     <none>              1df8c3603628        4 hours ago         120MB
i2tch/mydocker             latest              c37edbd43993        5 hours ago         193MB
localhost:88/mydocker      latest              c37edbd43993        5 hours ago         193MB
myregistry:5000/mydocker   latest              c37edbd43993        5 hours ago         193MB
<none>                     <none>              d6b51963df8d        5 hours ago         193MB
i2tch/mongodb2             latest              65e81f78c0f5        16 hours ago        240MB
i2tch/mongodb1             latest              2de862819e94        16 hours ago        240MB
i2tch/mongodb              latest              01c4aa152be2        16 hours ago        1.04GB
ubuntu                     latest              ccc7a11d65b1        3 weeks ago         120MB
centos                     latest              328edcd84f1b        4 weeks ago         193MB
nginx                      latest              b8efb18f159b        6 weeks ago         107MB
debian                     wheezy-slim         884ca0b949e5        6 weeks ago         46.9MB
hello-world                latest              1815c82652c0        2 months ago        1.84kB

Editez le fichier /etc/hosts afin de pointer le 10.0.2.4 vers le nom myregistry :

root@debian9:~# vi /etc/hosts
root@debian9:~# cat /etc/hosts
127.0.0.1	localhost
127.0.1.1	debian9.i2tch.loc   	debian9
10.0.2.4	myregistry.i2tch.loc    myregistry
10.0.2.15   debian9.i2tch.loc       debian9

# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

De la machine virtuelle registry envoyez une copie du fichier /certs/domain.crt vers le répertoire /tmp de la machine virtuelle Debian_9 en le renommant ca.crt :

root@registry:~# scp /certs/domain.crt trainee@10.0.2.15:/tmp/ca.crt
The authenticity of host '10.0.2.15 (10.0.2.15)' can't be established.
ECDSA key fingerprint is 79:00:60:0e:2b:71:5e:cb:1a:08:45:e8:ab:45:b8:dd.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.2.15' (ECDSA) to the list of known hosts.
trainee@10.0.2.15's password: 
domain.crt                                                                                                                            100% 2017     2.0KB/s   00:00  

Dans la machine virtuelle Debian_9, déplacez le fichier /tmp/ca.crt vers le répertoire /etc/docker/certs.d/myregistry:5000/ :

root@debian9:~# mkdir -p /etc/docker/certs.d/myregistry:5000
root@debian9:~# mv /tmp/ca.crt /etc/docker/certs.d/myregistry:5000/

Testez la réponse du registre :

root@debian9:~# curl http://myregistry:5000/v2/



Finalement, envoyez l'image au registre :

root@debian9:~# docker push myregistry:5000/mydocker
The push refers to a repository [myregistry:5000/mydocker]
873a8ac77d4d: Pushed 
b362758f4793: Pushed 
latest: digest: sha256:30866da81d92d2a1015b869c596ddd6e188f33894c41d8effa2161e5c2862b1f size: 5531

<html>

</html>