Private Registry with MinIO
I user this specification for this guide, detail VM :
- minio-demo
CPU : 1 core
RAM : 2 GB
IP : 192.168.100.6
DISK :- vdb : 10 GB
Installing MinIO Server
Format Disk For MinIO
1
2
3
4$ sudo parted -s -a optimal -- /dev/vdb mklabel gpt
$ sudo parted -s -a optimal -- /dev/vdb mkpart primary 0% 100%
$ sudo parted -s -- /dev/vdb align-check optimal 1
$ sudo mkfs.ext4 /dev/vdb1Mount Disk to Data
1
2
3$ echo "/dev/vdb1 /data-01 ext4 defaults 0 0" | sudo tee -a /etc/fstab
$ sudo mkdir /data-01
$ sudo mount -aIntall MinIO
1
2
3$ wget https://dl.minio.io/server/minio/release/linux-amd64/minio
$ chmod +x minio
$ sudo mv minio /usr/local/binCreate user MinIO
1
$ sudo useradd --system minio-user --shell /sbin/nologin
create directories and chown it to minio-use
1
2
3
4$ sudo mkdir -p /data/
$ sudo mkdir /etc/minio
$ sudo chown minio-user:minio-user /data/
$ sudo chown minio-user:minio-user /etc/minioCreate default config MinIO
1
2
3
4
5
6
7
8
9
10
11$ sudo vi /etc/default/minio
...
# Volume to be used for Minio server.
MINIO_VOLUMES="/data"
# Use if you want to run Minio on a custom port.
MINIO_OPTS="--address :9000"
# Access Key of the server.
MINIO_ACCESS_KEY=BKIKJAA5BMMU2RHO6IBB
# Secret key of the server.
MINIO_SECRET_KEY=V7f1CwQqAcwo80UEIJEjc5gVQUSSx5ohQ9GSrr12
...Run MinIO systemd
1
2
3
4
5
6$ curl -O https://raw.githubusercontent.com/minio/minio-service/master/linux-systemd/minio.service
$ sudo mv minio.service /etc/systemd/system
$ sudo systemctl daemon-reload
$ sudo systemctl enable minio
$ sudo systemctl start minio
$ sudo systemctl status minio -lCheck Dashboard MinIO
- access browser http://minio-demo.goreng.cc:9000
Login use Access Key and Secret Key
1 | $ cat /data/.minio.sys/config/config.json | grep accessKey |
- Check Dashboard MinIO
- access browser http://minio-demo.goreng.cc:9000
- Create Bucket docker-registry
Setup Private Registry
- Setup Registry
Create Password for registry
1
2
3$ htpasswd -Bbn admin Rahasia > htpasswd
$ mkdir docker_auth
$ cp htpasswd docker_authCreate Custome Image Registry
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31$ mkdir minio && cd minio
$ vim Dockerfile
...
FROM registry:2
COPY config.yml /etc/docker/registry/config.yml
...
$ vim config.yml
...
version: 0.1
log:
fields:
service: registry
http:
addr: :5000
storage:
cache:
layerinfo: inmemory
s3:
accesskey: 7SBGPQB4C46HJADDJJ93
secretkey: FeQ1mSL3i++9O+rAayRF6WWjfLGqE+LSIDn7waV3
region: us-east-1
regionendpoint: https://minio-demo.goreng.cc
bucket: docker-registry
encrypt: false
secure: true
v4auth: true
chunksize: 5242880
...
$ docker build -t minio .Create Docker-compose for Run Registry
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19$ cd
$ vim docker-compose.yml
...
version: '3'
services:
registry:
image: minio:latest
restart: always
ports:
- "5000:5000"
environment:
- REGISTRY_AUTH=htpasswd
- REGISTRY_AUTH_HTPASSWD_REALM="Registry Realm"
- REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd
volumes:
- ./docker_auth:/auth
- ./data/docker-registry
...
$ docker-compose up -d
Config Client for access push and pull
Create daemon.json
1
2
3
4
5
6
7
8$ sudo vim /etc/docker/daemon.json
...
{
"insecure-registries" : ["minio-demo.goreng.cc:5000"]
}
...
$ sudo systemctl daemon-reload
$ sudo systemctl restart dockerLogin to Private Registry
1
$ docker login http://minio-demo.goreng.cc:5000