###镜像库启动

docker run -d --net=host --restart=always --name=registry  -v /mnt/cephfs/registry/etc/htpasswd:/data/registry2/etc/htpasswd -v /mnt/cephfs/registry/etc/config.yml:/etc/docker/registry/config.yml  -v /mnt/cephfs/registry/data:/data/registry2/data --entrypoint="/bin/registry" registry:2.0 /etc/docker/registry/config.yml

###主要的配置文件

version: 0.1log:  level: warn  formatter: text  fields:    service: registry    environment: stagingstorage:  filesystem:    rootdirectory: /data/registry2/data  delete:    enabled: true  redirect:    disable: false  cache:    blobdescriptor: inmemory  maintenance:    uploadpurging:      enabled: true      age: 168h      interval: 24h      dryrun: false    readonly:      enabled: falseauth:  htpasswd:    realm: basic-realm    path: /data/registry2/etc/htpasswdhttp:  addr: 127.0.0.1:5000  secret: xxxxxxxxxxxxxxxxxxxx  headers:    X-Content-Type-Options: [nosniff]health:  storagedriver:    enabled: true    interval: 10s    threshold: 3

###密码的制作

docker run --entrypoint htpasswd registry:2.0 -Bbn user password > htpasswd

nginx前端代理

upstream registry_prd_cluster {		server 127.0.0.1:5000;	}	server {		listen  80;		server_name your_host;		location / {		    proxy_pass http://registry_prd_cluster;		}		access_log /data/logs/registry_access_log main;	}