红帽全球峰会第 9 章 配置 Docker registry
配置 Docker registry 以使用红帽构建的 Keycloak。
注意
Docker 身份验证默认为禁用。要启用和禁用功能,请参阅 启用和禁用功能。
本节论述了如何配置 Docker registry,以使用红帽构建的 Keycloak 作为其身份验证服务器。
有关如何设置和配置 Docker registry 的更多信息,请参阅 Docker 注册表配置指南。
9.1. 安装 Docker registry 配置文件
复制链接链接已复制到粘贴板!
对于具有更高级的 Docker registry 配置的用户,通常建议提供自己的 registry 配置文件。Red Hat build of Keycloak Docker 供应商通过 Registry Config File Format 选项支持这个机制。选择这个选项将生成类似如下的输出:
auth:
token:
realm: http://localhost:8080/realms/master/protocol/docker-v2/auth
service: docker-test
issuer: http://localhost:8080/realms/master
auth:
token:
realm: http://localhost:8080/realms/master/protocol/docker-v2/auth
service: docker-test
issuer: http://localhost:8080/realms/master然后可将此输出复制到任何现有的 registry 配置文件中。如需有关如何 设置文件的更多信息,或以 基本示例 开始,请参阅 registry 配置文件规格。
警告
别忘记使用 Red Hat build of Keycloak 域的公钥的位置配置 rootcertbundle 字段。没有此参数,auth 配置将无法正常工作。
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}