Quick Start Rootless SLE OCI Container Registry

# Quick Start Rootless SLE OCI Container Image Registry ## PreRequest - Podman version: 4.7 以上 (must) - 可以執行 Rootless Podman - 系統需可以上網 Pull Image，或是先準備好 `registry.suse.com/suse/registry:latest` 這片 Container Image ## 1. 建立一個永存目錄區 ```bash! $ sudo mkdir /etc/registry && \ sudo mkdir /var/lib/docker-registry && \ sudo chown "$(id -u)":"$(id -g)" /etc/registry /var/lib/docker-registry ``` > 目錄區的擁有者和群組必須與當前使用者相同。 > - `/etc/registry`，存放 registry 的設定檔 (`config.yml`) > - `/var/lib/docker-registry`，存放 Container image ## 2. 設定 Registry ```bash! $ cat <<EOF | sudo tee /etc/registry/config.yml --- version: 0.1 log: level: info storage: filesystem: rootdirectory: /var/lib/docker-registry http: addr: 0.0.0.0:5000 EOF ``` ## 2. 啟動 SLE OCI Container Image Registry ```bash! $ podman run -d -p 5000:5000 \ --uidmap "+499:@$(id -u):1" \ --gidmap "+486:@$(id -g):1" \ -v /etc/registry/config.yml:/etc/registry/config.yml \ -v /var/lib/docker-registry:/var/lib/docker-registry \ --name registry \ registry.suse.com/suse/registry:latest ``` ## 3. 檢視 Registry 運作狀態 ```bash! $ podman ps -a ``` 螢幕輸出 : ``` CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 011a050e9087 registry.suse.com/suse/registry:2.8 serve /etc/regist... 6 minutes ago Up 6 minutes 0.0.0.0:5000->5000/tcp registry ``` ## 4. 更改 Image Tag ```bash! $ podman tag quay.io/hahappyman/alpine 192.168.61.128:5000/alpine ``` ## 5. 測試 Push Container Image ```bash! $ podman push --tls-verify=false 192.168.61.128:5000/alpine ``` 螢幕輸出 : ``` Getting image source signatures Copying blob b2d5eeeaba3a done | Copying config 6dbb9cc540 done | Writing manifest to image destination ```