$ docker run -d --restart=always --name registry -p 5000:5000 -v /storage/registry:/var/lib/registry registry：2.3.0
$ docker ps

$ docker pull centos
$ docker tag  centos:latest 192.168.211.15:5000/centos:latest
$ docker push 192.168.211.15:5000/centos:latest
The push refers to a repository [192.168.211.15:5000/centos]
Get https://192.168.211.15:5000/v1/_ping: http: server gave HTTP response to HTTPS client

$ vim /etc/sysconfig/docker
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --insecure-registry 192.168.211.15:5000'
$ docker stop registry
$ systemctl restart docker
$ docker start registry
$ docker push 192.168.211.15:5000/centos:latest
$ $ curl  https://192.168.211.15:5000/v2/_catalog
{"repositories":["centos"]}   #獲取鏡像列表

$ docker run -d -p 8080:8080 --name registry-web  --link registry -e REGISTRY_URL=http://registry:5000/v2  -e REGISTRY_NAME=localhost:5000        hyper/docker-registry-web

$ mkdir -p  /data/registry-web/config
$ vim /data/registry-web/config/registry-web.yml
registry:
  # Docker registry url
  url: 'https://192.168.211.100:5000/v2'
  # web registry context path
  # empty string for root context, /app to make web registry accessible on http://host/app
  context_path: ''
  # Trust any SSL certificate when connecting to registry
  trust_any_ssl: true
  #  base64 encoded token for basic authentication
  basic_auth: ''
  # To allow image delete, should be false
  readonly: true
  # Docker registry fqdn
  name: '192.168.211.100:5000'
  # Authentication settings
  auth:
    # Enable authentication
    enabled: true
    # Allow registry anonymous access
    # allow_anonymous: true # not implemented
    # Token issuer
    # should equals to auth.token.issuer of docker registry
    issuer: 'test-issuer'
    # Private key for token signing
    # certificate used on auth.token.rootcertbundle should signed by this key
    key: /config/server.key