使用registry镜像创建私有仓库

安装Docker后,可以通过官方提供的registry镜像来简单搭建一套本地私有仓库环境。

[root@localhost ~]# docker pull registry
[root@localhost ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
registry            latest              5c929a8b587a        8 hours ago         33.27 MB
genesis_centos      latest              85bc3a58f134        4 days ago          277.6 MB
centos-6-x86        latest              8fca9486a39b        12 days ago         341.3 MB
centos_with_net     latest              3e8ea8607f08        4 weeks ago         294.9 MB
centos              latest              9baab0af79c4        6 weeks ago         196.7 MB

下载registry镜像,registry为Docker官方提供的一个镜像,我们可以用它来创建本地的Docker私有仓库。

[root@localhost ~]# docker run -d -p 5000:5000 registry
3dc5762733b8ae7d715bc3aef44a5bd1b5729c997c4316af1df3493992823519

在本地启动一个私有仓库服务,监听端口为5000

[root@localhost ~]# docker ps
CONTAINER ID        IMAGE               COMMAND                CREATED              STATUS              PORTS                    NAMES
3dc5762733b8        registry            "/entrypoint.sh /etc   About a minute ago   Up About a minute   0.0.0.0:5000->5000/tcp   compassionate_engelbart

[root@localhost ~]# curl http://192.168.1.179:5000/v2/_catalog
{"repositories":[]}

可以访问它,这里的IP是宿主机Linux的IP地址。

管理私有仓库镜像

[root@localhost ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
registry            latest              5c929a8b587a        9 hours ago         33.27 MB
genesis_centos      latest              85bc3a58f134        4 days ago          277.6 MB
centos-6-x86        latest              8fca9486a39b        12 days ago         341.3 MB
centos_with_net     latest              3e8ea8607f08        4 weeks ago         294.9 MB
centos              latest              9baab0af79c4        6 weeks ago         196.7 MB
[root@localhost ~]# docker pull busybox

busybox较小,下载下来,做实验用

[root@localhost ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
registry            latest              5c929a8b587a        9 hours ago         33.27 MB
genesis_centos      latest              85bc3a58f134        4 days ago          277.6 MB
busybox             latest              9967c5ad88de        11 days ago         1.093 MB
centos-6-x86        latest              8fca9486a39b        12 days ago         341.3 MB
centos_with_net     latest              3e8ea8607f08        4 weeks ago         294.9 MB
centos              latest              9baab0af79c4        6 weeks ago         196.7 MB

使用docker tag命令将这个镜像标记为192.168.1.179:5000/busybox(格式为docker tag IMAGE[:TAG] [REGISTRRYHOST/] [USERNAME/] NAME [:TAG])

[root@localhost ~]# docker tag busybox 192.168.1.179:5000/busybox
[root@localhost ~]# docker images
REPOSITORY                   TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
registry                     latest              5c929a8b587a        9 hours ago         33.27 MB
genesis_centos               latest              85bc3a58f134        4 days ago          277.6 MB
192.168.1.179:5000/busybox   latest              9967c5ad88de        11 days ago         1.093 MB
busybox                      latest              9967c5ad88de        11 days ago         1.093 MB
centos-6-x86                 latest              8fca9486a39b        12 days ago         341.3 MB
centos_with_net              latest              3e8ea8607f08        4 weeks ago         294.9 MB
centos                       latest              9baab0af79c4        6 weeks ago         196.7 MB

使用docker push上传标记的镜像:(注:下面会报错

[root@localhost ~]# docker push 192.168.1.179:5000/busybox
Error response from daemon: invalid registry endpoint https://192.168.1.179:5000/v0/: unable to ping registry endpoint https://192.168.1.179:5000/v0/
v2 ping attempt failed with error: Get https://192.168.1.179:5000/v2/: tls: oversized record received with length 20527
 v1 ping attempt failed with error: Get https://192.168.1.179:5000/v1/_ping: tls: oversized record received with length 20527. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `--insecure-registry 192.168.1.179:5000` to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/192.168.1.179:5000/ca.crt
  • 出现报错,这是因为Docker从1.3.X之后与docker registry交互默认使用的是https,然而此处搭建的私有仓库只提供http服务,所以当与私有仓库交互时就会报上面的错误。为了解决这个问题需要在启动docker server时增加启动参数为默认使用http访问。

解决方法:

[root@localhost ~]# vi /etc/init.d/docker

$exec -d $other_args 改为$exec -d --insecure-registry 172.7.15.106:5000 $other_args

重启Docker

[root@localhost ~]# /etc/init.d/docker restart
停止 docker:                                              [确定]
Starting docker:                                           [确定]

再次执行命令,还是会报错

[root@localhost ~]# docker push 192.168.1.179:5000/busybox
Error response from daemon: invalid registry endpoint "http://192.168.1.179:5000/v0/". HTTPS attempt: unable to ping registry endpoint https://192.168.1.179:5000/v0/
v2 ping attempt failed with error: Get https://192.168.1.179:5000/v2/: dial tcp 192.168.1.179:5000: connection refused
 v1 ping attempt failed with error: Get https://192.168.1.179:5000/v1/_ping: dial tcp 192.168.1.179:5000: connection refused. HTTP attempt: unable to ping registry endpoint http://192.168.1.179:5000/v0/
v2 ping attempt failed with error: Get http://192.168.1.179:5000/v2/: dial tcp 192.168.1.179:5000: connection refused
 v1 ping attempt failed with error: Get http://192.168.1.179:5000/v1/_ping: dial tcp 192.168.1.179:5000: connection refused
[root@localhost ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                CREATED             STATUS                      PORTS               NAMES
3dc5762733b8        registry            "/entrypoint.sh /etc   About an hour ago   Exited (2) 30 minutes ago                       compassionate_engelbart
359fda80c4ef        centos-6-x86        "/bin/bash"            5 days ago          Exited (130) 5 days ago                         sleepy_mestorf
d1dec1f9d91e        centos-6-x86        "/bin/bash"            5 days ago          Exited (0) 5 days ago                           stoic_curie
5ae70c73655f        centos              "/bin/bash"            5 days ago                                                          tender_galileo
  • 这是因为还没有启动registry容器
[root@localhost ~]# docker run -d -p 5000:5000 registry
4d6ddb76c357c029d42abaaef6fb0f00fbc97d22f1bc882d5214800d95006ee5
[root@localhost ~]# docker push 192.168.1.179:5000/busybox
[root@localhost ~]# curl http://192.168.1.179:5000/v2/_catalog
{"repositories":["busybox"]}

可以查看私有仓库里面的所有镜像,在结果中看到{“repositories”:[“busybox”]}表明镜像已经成功上传了。


[root@localhost ~]# docker ps
CONTAINER ID        IMAGE               COMMAND                CREATED             STATUS              PORTS                    NAMES
4d6ddb76c357        registry            "/entrypoint.sh /etc   4 minutes ago       Up 4 minutes        0.0.0.0:5000->5000/tcp   kickass_yonath
[root@localhost ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                CREATED             STATUS                      PORTS                    NAMES
4d6ddb76c357        registry            "/entrypoint.sh /etc   4 minutes ago       Up 4 minutes                0.0.0.0:5000->5000/tcp   kickass_yonath
3dc5762733b8        registry            "/entrypoint.sh /etc   About an hour ago   Exited (2) 36 minutes ago                            compassionate_engelbart
359fda80c4ef        centos-6-x86        "/bin/bash"            5 days ago          Exited (130) 5 days ago                              sleepy_mestorf
d1dec1f9d91e        centos-6-x86        "/bin/bash"            5 days ago          Exited (0) 5 days ago                                stoic_curie
5ae70c73655f        centos              "/bin/bash"            5 days ago                                                               tender_galileo

之前的registry容器也没用到,先删掉

[root@localhost ~]# docker rm 3dc5762733b8
3dc5762733b8