无法创建docker注册表代理缓存:权限被拒绝
我快疯了无法创建docker注册表代理缓存:权限被拒绝,docker,permissions,registry,config,docker-registry,Docker,Permissions,Registry,Config,Docker Registry,我快疯了 [root@kube-1 ~]# cat config.yml version: 0.1 log: fields: service: registry storage: cache: blobdescriptor: inmemory filesystem: rootdirectory: /var/lib/registry http: addr: :5000 tls: certificate: /var/lib/registry/doc
[root@kube-1 ~]# cat config.yml
version: 0.1
log:
fields:
service: registry
storage:
cache:
blobdescriptor: inmemory
filesystem:
rootdirectory: /var/lib/registry
http:
addr: :5000
tls:
certificate: /var/lib/registry/docker-registry.crt
key: /var/lib/registry/docker-registry.key
headers:
X-Content-Type-Options: [nosniff]
health:
storagedriver:
enabled: true
interval: 10s
threshold: 3
proxy:
remoteurl: https://registry-1.docker.io
[root@kube-1 ~]# ls -lah config.yml
-rw-rw-r--. 1 root root 476 Apr 17 07:00 config.yml
[root@kube-1 ~]# docker run -p 5000:5000 --restart=always --name registry-mirror \
> -v /var/lib/registry:/var/lib/registry \
> -v `pwd`/config.yml:/etc/docker/registry/config.yml \
> registry:2
configuration error: open /etc/docker/registry/config.yml: permission denied
Usage:
registry serve <config> [flags]
Flags:
-h, --help=false: help for serve
Additional help topics:
[centos@kube-1 registry]$ sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 31
[centos@kube-1 registry]$ sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 31