在 Docker 中添加不安全的注册表项
虽然强烈建议使用由已知证书颁发机构 (CA) 颁发的传输层安全 (TLS) 证书来保护您的注册表,但我们可以选择通过未加密的超文本传输协议 (HTTP) 连接使用我们不安全的注册表。 本文将讨论如何在 Docker 中添加不安全的注册表。
在 Docker 中添加不安全的注册表项
此过程将 Docker 设置为完全无视注册表安全性。 因此,不建议将易受攻击的注册表项引入 Docker。
您的注册表容易受到简单的中间人 (MITM) 攻击。 将此解决方案专门用于单独测试或在受到严格监管且密闭的区域。
在以下位置编辑 daemon.json 文件:
- Linux: /etc/docker/daemon.json
- Windows: C:\ProgramData\docker\config\daemon.json
无论我们使用 Docker Desktop for Mac 还是 Docker Desktop for Windows,我们都应该单击 Docker 图标,选择 Preferences for Mac 或 Settings for Windows,然后选择 Docker Engine。
如果 daemon.json 文件不存在,我们可以在目录中创建它。 如果不存在其他设置,该文件应包含以下强制信息。
{
"insecure-registries" : [ "hostname.cloudapp.net:5000" ]
}
将示例地址替换为不安全注册表容器的地址。
为了通过启用了不安全注册表的 HTTPS 进行测试,Docker 遵循以下步骤:
- 如果HTTPS可用,但证书无效,请忽略证书错误。
- 如果 HTTPS 不可用,请使用 HTTP。
重新启动 Docker 容器以使更改生效。
请记住,只要遵循这些过程,基本身份验证就无法访问不安全的注册表。 因此,每个试图访问您的注册表的容器引擎主机都必须再次执行上述步骤。
相关文章
Get the IP address of the Docker container from the host using docker inspect
发布时间:2025/03/26 浏览次数:102 分类:Docker
-
Docker containers are not just for isolation—they are often used to manage processes that still need to communicate directly with each other. However, to communicate, you usually need to know the IP address of each container, which you ca
Solution to incorrect access log time when deploying Nginx in Docker
发布时间:2025/03/26 浏览次数:165 分类:Docker
-
In the process of operating the website, I never took the logs too seriously. Although logging was turned on, I never analyzed the logs carefully. Today, when I looked at the logs on a whim, I found that the recorded time was 8 hours less t
Docker deploys nginx php application
发布时间:2025/03/26 浏览次数:131 分类:Docker
-
I'm learning docker recently. I'm learning by building an nginx+php development environment example. Here I record the build process. First, give a docker-compose.yml deployment configuration file version: '3' services: nginx: container_nam
How to use Docker to image a Node.js web application
发布时间:2025/03/26 浏览次数:107 分类:Docker
-
Docker is a containerization platform that simplifies the packaging and execution of applications. Containers run as independent processes with their own file systems, but share the kernel of their host machine. Docker has attracted much at
Start a Bash terminal in a new Docker container
发布时间:2025/03/26 浏览次数:97 分类:Docker
-
Docker containers are a standard unit for packaging all the dependencies of an application, allowing us to easily run them in any environment. Containers have become very popular recently, and most developers now rely heavily on containers
Passing environment variables to containers in Docker
发布时间:2025/03/26 浏览次数:124 分类:Docker
-
This article will introduce how to pass environment variables to containers in Docker. Passing environment variables to containers in Docker using the -e and tags -env We will first see how to create environment variables and pass them to t
Install Docker using Homebrew
发布时间:2025/03/26 浏览次数:202 分类:Docker
-
There is no doubt that Docker containers have revolutionized the way we develop and deploy applications. They provide developers with the ability to package applications and dependencies in an isolated environment. Recently, we've seen wide
Enforce clean build of images in Docker
发布时间:2025/03/26 浏览次数:87 分类:Docker
-
This article discusses and demonstrates how to enforce clean builds of images in Docker. Building images in Docker We will use a simple Flask application to demonstrate this concept. my-app Create a app.py simple application named in the ho
Running a Docker instance from a Dockerfile
发布时间:2025/03/26 浏览次数:140 分类:Docker
-
Docker containers have undoubtedly become the standard unit for managing software and dependencies in different environments. When using real applications, you must create a docker file before building the container image of the application
