Docker Private Registry on Linux, Part 3: Reverse Proxy

An Nginx proxy can add authentication to the Registry. In short, the Nginx server acts as a proxy in front of the private registry.

1. The private registry is set up as described in the previous article. First, install Nginx on Docker-1 and modify its configuration file, as shown below:

    [root@Docker-1 ~]# yum -y install nginx
    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
     * epel: mirrors.tuna.tsinghua.edu.cn
    Resolving Dependencies
    --> Running transaction check
    ---> Package nginx.x86_64 1:1.12.2-2.el7 will be installed
    ......
    Installed:
      nginx.x86_64 1:1.12.2-2.el7
    Complete!
    # Nginx installed successfully
    [root@Docker-1 ~]# cat /etc/nginx/nginx.conf
    # For more information on configuration, see:
    # * Official English Documentation: http://nginx.org/en/docs/
    # * Official Russian Documentation: http://nginx.org/ru/docs/
    user nginx;
    worker_processes auto;
    error_log /var/log/nginx/error.log;
    pid /run/nginx.pid;
    include /usr/share/nginx/modules/*.conf;
    events {
        worker_connections 1024;
    }
    http {
        upstream Docker-registry {
            server 192.168.56.146:5000;
        }
        server {
            listen 443;
            server_name Docker.test.com;
            ssl on;
            ssl_certificate "/etc/nginx/ssl/nginx-selfsigned.crt";
            ssl_certificate_key "/etc/nginx/ssl/nginx-selfsigned.key";
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            client_max_body_size 0;
            chunked_transfer_encoding on;
            add_header 'Docker-Distribution-Api-Version' 'registry/2.0' always;
            location / {
                auth_basic "Restricted";
                auth_basic_user_file /etc/nginx/auth/htpasswd.txt;
                proxy_set_header Host $http_host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_read_timeout 900;
                proxy_pass http://Docker-registry;
            }
            location /_ping {
                auth_basic off;
                proxy_pass http://Docker-registry;
            }
            location /v2/_ping {
                auth_basic off;
                proxy_pass http://Docker-registry;
            }
            location /v2/_catalog {
                auth_basic off;
                proxy_pass http://Docker-registry;
            }
        }
    }
    # The Nginx configuration file is set up as shown above
2. Generate the private key and certificate with the OpenSSL tool, as shown below:

    [root@Docker-1 ~]# openssl req -x509 -nodes \
    > -newkey rsa:2048 \
    > -days 365 \
    > -subj "/C=CN/ST=bj/L=bj/O=Test/OU=Test/CN=Docker.test.com" \
    > -keyout /etc/nginx/ssl/nginx-selfsigned.key \
    > -out /etc/nginx/ssl/nginx-selfsigned.crt
    Generating a 2048 bit RSA private key
    ....................................+++
    .........................................................................................................................................................................+++
    writing new private key to '/etc/nginx/ssl/nginx-selfsigned.key'
    -----
3. Use the htpasswd tool to create a user account and set its password, as shown below:

    [root@Docker-1 ~]# mkdir /etc/nginx/auth
    [root@Docker-1 ~]# cd /etc/nginx/auth/
    [root@Docker-1 auth]# htpasswd -c htpasswd.txt user
    New password: 
    Re-type new password: 
    Adding password for user user
    # Set a password for the account "user"; the password used here is passwd
    [root@Docker-1 auth]# cat htpasswd.txt
    user:$apr1$kSAQ07q7$W1pe/FYOXWOg3Xn9Zb7un/
4. Start the Nginx service, as shown below:

    [root@Docker-1 ~]# systemctl start nginx
5. Test access

Open https://192.168.56.146:443 in a browser; a login prompt appears.

Enter the correct username and password to reach the Registry.
6. On Docker-2, log in to the registry and push an image to it, as shown below:

    [root@Docker-2 ~]# cat /etc/hosts
    192.168.56.146 Docker.test.com
    # Name resolution entry added
    [root@Docker-2 ~]# scp -r 192.168.56.146:/etc/nginx/ssl/nginx-selfsigned.crt /etc/pki/ca-trust/source/anchors
    root@192.168.56.146's password:
    nginx-selfsigned.crt 100% 1322 375.2KB/s 00:00
    # Certificate copied
    [root@Docker-2 ~]# update-ca-trust
    [root@Docker-2 ~]# systemctl daemon-reload
    [root@Docker-2 ~]# systemctl restart docker
    [root@Docker-2 ~]# docker login https://192.168.56.146:443 -u user -p "passwd"
    Login Succeeded
    # Login succeeded
    [root@Docker-2 ~]# docker tag busybox:latest 192.168.56.146:443/busybox
    [root@Docker-2 ~]# docker push 192.168.56.146:443/busybox
    The push refers to repository [192.168.56.146:443/busybox]
    0b97b1c81a32: Layer already exists
    latest: digest: sha256:f79f7a10302c402c052973e3fa42be0344ae6453245669783a9e16da3d56d5b4 size: 527
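In the example above, after the name resolution entry was changed and the certificate copied on the host Docker-2, the image was pushed successfully to the private registry on Docker-1.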
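
The Nginx configuration in step 1 sets auth_basic off in three locations, and nginx serves each request from the longest matching prefix location. The following is an added example, not part of the original article: a Python check over a constructed excerpt of that configuration that reports which URI prefixes reach the registry without credentials. The helper names are hypothetical, and it assumes prefix locations only (no regex or = locations).

```python
import re

# Added example (not the article's code); helper names are hypothetical.
# Constructed sample: step 1's server block, reduced to the auth directives.
SAMPLE_CONF = """
server {
    listen 443;
    location / {
        auth_basic "Restricted";
        auth_basic_user_file /etc/nginx/auth/htpasswd.txt;
        proxy_pass http://Docker-registry;
    }
    location /_ping       { auth_basic off; proxy_pass http://Docker-registry; }
    location /v2/_ping    { auth_basic off; proxy_pass http://Docker-registry; }
    location /v2/_catalog { auth_basic off; proxy_pass http://Docker-registry; }
}
"""

LOCATION_RE = re.compile(r"location\s+(/\S*)\s*\{([^{}]*)\}")
AUTH_RE = re.compile(r"auth_basic\s+([^;]+);")


def parse_locations(conf):
    """Map each prefix location to True when it enforces basic auth."""
    locations = {}
    for prefix, body in LOCATION_RE.findall(conf):
        m = AUTH_RE.search(body)
        # Assumption: no inherited auth_basic (true for the page's config).
        value = m.group(1).strip() if m else "off"
        locations[prefix] = value != "off" and "auth_basic_user_file" in body
    return locations


def requires_auth(locations, uri):
    """Pick the location by nginx's longest-prefix rule; report its auth."""
    best = max((p for p in locations if uri.startswith(p)), key=len, default=None)
    return best is not None and locations[best]


def open_prefixes(locations):
    """Prefixes proxied to the registry without asking for credentials."""
    return sorted(p for p, protected in locations.items() if not protected)


if __name__ == "__main__":
    locs = parse_locations(SAMPLE_CONF)
    print("no credentials needed:", open_prefixes(locs))
    for uri in ("/v2/", "/v2/_catalog", "/v2/busybox/manifests/latest"):
        print(uri, "->", "auth required" if requires_auth(locs, uri) else "open")
```

With this configuration, /v2/_catalog (the repository list) is served without a password, while pushes and pulls under /v2/ fall through to location / and require one.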

To be continued...
