Docker - 搭建私有仓库(本地镜像注册中心,registry)

通过官方Docker Registry在局域网内部搭建私有镜像注册中心.

1 - 拉取registry镜像

[anliven@anliven ~]$ cat /etc/system-release  # 本机系统版本
CentOS Linux release 7.8.2003 (Core)
[anliven@anliven ~]$
[anliven@anliven ~]$ ip addr show |grep "192.168.56."  # 本机地址
    inet 192.168.56.102/24 brd 192.168.56.255 scope global noprefixroute dynamic enp0s8
[anliven@anliven ~]$
[anliven@anliven ~]$ docker pull registry
Using default tag: latest
latest: Pulling from library/registry
9b794450f7b6: Pull complete
6ba25693af03: Pull complete
9eb68e7589ff: Pull complete
6cf77150f665: Pull complete
339e0c26c7cc: Pull complete
Digest: sha256:5bb9b919833aa955dfe1d1121cc038330b025ec6506ce47066c9192927e3dc3d
Status: Downloaded newer image for registry:latest
docker.io/library/registry:latest
[anliven@anliven ~]$
[anliven@anliven ~]$ docker images |grep registry
registry                                                            latest              ee34aa9d8ab2        12 days ago         26.2MB
[anliven@anliven ~]$

2 - 启动registry容器

[anliven@anliven ~]$ sudo mkdir /local-registry
[anliven@anliven ~]$ ls -l / |grep local
drwxr-xr-x    2 root root    6 Apr 14 05:32 local-registry
[anliven@anliven ~]$ 
[anliven@anliven ~]$ docker run -d --name local-registry --restart=always  -p 5000:5000 -v /local-registry:/var/lib/registry registry:latest
5a7ec6db4b2f1987d2ae8355af6fbc887f64b8111efa8f2e2a42c95f8e77bae5
[anliven@anliven ~]$
[anliven@anliven ~]$ docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
5a7ec6db4b2f        registry:latest     "/entrypoint.sh /etc…"   8 seconds ago       Up 6 seconds        0.0.0.0:5000->5000/tcp   local-registry
[anliven@anliven ~]$
[anliven@anliven ~]$ sudo netstat -anpt |grep 5000
tcp6       0      0 :::5000                 :::*                    LISTEN      13895/docker-proxy
[anliven@anliven ~]$

浏览器打开localhost:5000/v2/, 或者命令行执行curl -v localhost:5000/v2/, 验证本地registry是否运行正常

[anliven@anliven ~]$ curl -v localhost:5000/v2/  # 验证本地registry是否运行正常
* About to connect() to localhost port 5000 (#0)
*   Trying ::1...
* Connected to localhost (::1) port 5000 (#0)
> GET /v2/ HTTP/1.1
> User-Agent: curl/7.29.0
> Host: localhost:5000
> Accept: */*
>
< HTTP/1.1 200 OK
< Content-Length: 2
< Content-Type: application/json; charset=utf-8
< Docker-Distribution-Api-Version: registry/2.0
< X-Content-Type-Options: nosniff
< Date: Wed, 14 Apr 2021 09:55:28 GMT
<
* Connection #0 to host localhost left intact
{}[anliven@anliven ~]$
[anliven@anliven ~]$
[anliven@anliven ~]$ curl localhost:5000/v2/_catalog  # 查看本地registry的镜像
{"repositories":[]}
[anliven@anliven ~]$ curl 192.168.56.102:5000/v2/_catalog  # 使用ip
{"repositories":[]}
[anliven@anliven ~]$ 

3 - 推送镜像到本地注册中心(registry)

[anliven@anliven ~]$ docker images |grep ubuntu
ubuntu                                                              latest              4e2eef94cd6b        7 months ago        73.9MB
[anliven@anliven ~]$
[anliven@anliven ~]$ docker tag ubuntu localhost:5000/ubuntu   # 更改镜像名称
[anliven@anliven ~]$ docker images |grep ubuntu
ubuntu                                                              latest              4e2eef94cd6b        7 months ago        73.9MB
localhost:5000/ubuntu                                               latest              4e2eef94cd6b        7 months ago        73.9MB
[anliven@anliven ~]$
[anliven@anliven ~]$ docker push localhost:5000/ubuntu  # 推送镜像到本地注册中心
The push refers to repository [localhost:5000/ubuntu]
a4399aeb9a0e: Pushed
35a91a75d24b: Pushed
ad44aa179b33: Pushed
2ce3c188c38d: Pushed
latest: digest: sha256:6f2fb2f9fb5582f8b587837afd6ea8f37d8d1d9e41168c90f410a6ef15fa8ce5 size: 1152
[anliven@anliven ~]$
[anliven@anliven ~]$ docker images |grep ubuntu
ubuntu                                                              latest              4e2eef94cd6b        7 months ago        73.9MB
localhost:5000/ubuntu                                               latest              4e2eef94cd6b        7 months ago        73.9MB
[anliven@anliven ~]$
[anliven@anliven ~]$ curl localhost:5000/v2/_catalog  # 查看本地registry的镜像
{"repositories":["ubuntu"]}
[anliven@anliven ~]$
[anliven@anliven ~]$ curl localhost:5000/v2/ubuntu/tags/list  # 查看本地registry中镜像的详细信息
{"name":"ubuntu","tags":["latest"]}
[anliven@anliven ~]$
[anliven@anliven ~]$ curl 192.168.56.102:5000/v2/ubuntu/tags/list
{"name":"ubuntu","tags":["latest"]}
anliven@anliven ~]$ 
[anliven@anliven ~]$ tree -L 3 /local-registry/docker/registry/v2/repositories/ubuntu/
/local-registry/docker/registry/v2/repositories/ubuntu/
├── _layers
│   └── sha256
│       ├── 46d371e02073acecf750a166495a63358517af793de739a51b680c973fae8fb9
│       ├── 4e2eef94cd6b93dd4d794c18b45c763f72edc22858e0da5b6e63a4566a54c03c
│       ├── 54ee1f796a1e650627269605cb8e6a596b77b324e6f0a1e4443dc41def0e58a6
│       ├── b66c17bbf772fa072c280b10fe87bc999420042b5fce5b111db38b4fe7c40b49
│       └── f7bfea53ad120b47cea5488f0b8331e737a97b33003517b0bd05e83925b578f0
├── _manifests
│   ├── revisions
│   │   └── sha256
│   └── tags
│       └── latest
└── _uploads

13 directories, 0 files
[anliven@anliven ~]$

4 - 拉取本地注册中心(registry)中的镜像

[anliven@anliven ~]$ cat /etc/docker/daemon.json
{
  "registry-mirrors": ["https://t5t8q6wn.mirror.aliyuncs.com"]
}
[anliven@anliven ~]$ 
[anliven@anliven ~]$ sudo vim /etc/docker/daemon.json  # 增加insecure-registries
[anliven@anliven ~]$ cat /etc/docker/daemon.json
{
  "registry-mirrors": ["https://t5t8q6wn.mirror.aliyuncs.com"],"insecure-registries": ["192.168.56.102:5000"]
}
[anliven@anliven ~]$
[anliven@anliven ~]$ sudo systemctl daemon-reload
[anliven@anliven ~]$ sudo systemctl restart docker
[anliven@anliven ~]$
[anliven@anliven ~]$ docker pull 192.168.56.102:5000/ubuntu
Using default tag: latest
latest: Pulling from ubuntu
Digest: sha256:6f2fb2f9fb5582f8b587837afd6ea8f37d8d1d9e41168c90f410a6ef15fa8ce5
Status: Downloaded newer image for 192.168.56.102:5000/ubuntu:latest
192.168.56.102:5000/ubuntu:latest
[anliven@anliven ~]$
[anliven@anliven ~]$ docker images |grep ubuntu
ubuntu                                                              latest              4e2eef94cd6b        7 months ago        73.9MB
localhost:5000/ubuntu                                               latest              4e2eef94cd6b        7 months ago        73.9MB
192.168.56.102:5000/ubuntu                                          latest              4e2eef94cd6b        7 months ago        73.9MB
[anliven@anliven ~]$

5 - 在其他主机拉取本地注册中心(registry)中的镜像

anliven@anliven:~$ lsb_release -a  # 系统版本
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 18.04.3 LTS
Release:        18.04
Codename:       bionic
anliven@anliven:~$
anliven@anliven:~$ ip addr show |grep "192.168.56"  # 主机地址
    inet 192.168.56.101/24 brd 192.168.56.255 scope global dynamic noprefixroute enp0s8
anliven@anliven:~$
anliven@anliven:~$ sudo vim /etc/docker/daemon.json  # 增加insecure-registries
anliven@anliven:~$ cat /etc/docker/daemon.json
{
  "registry-mirrors": ["https://t5t8q6wn.mirror.aliyuncs.com"],"insecure-registries": ["192.168.56.102:5000"]
}
anliven@anliven:~$ sudo systemctl daemon-reload
anliven@anliven:~$ sudo systemctl restart docker
anliven@anliven:~$
anliven@anliven:~$ curl 192.168.56.102:5000/v2/_catalog
{"repositories":["ubuntu"]}
anliven@anliven:~$
anliven@anliven:~$ docker pull 192.168.56.102:5000/ubuntu  # 拉取本地注册中心(registry)中的镜像
Using default tag: latest
latest: Pulling from ubuntu
54ee1f796a1e: Pull complete
f7bfea53ad12: Pull complete
46d371e02073: Pull complete
b66c17bbf772: Pull complete
Digest: sha256:6f2fb2f9fb5582f8b587837afd6ea8f37d8d1d9e41168c90f410a6ef15fa8ce5
Status: Downloaded newer image for 192.168.56.102:5000/ubuntu:latest
192.168.56.102:5000/ubuntu:latest
anliven@anliven:~$
anliven@anliven:~$ docker images |grep ubuntu
192.168.56.102:5000/ubuntu    latest              4e2eef94cd6b        7 months ago        73.9MB
anliven@anliven:~$

问题处理: "http: server gave HTTP response to HTTPS client"

问题现象

[anliven@anliven ~]$ docker pull 192.168.56.102:5000/ubuntu
Using default tag: latest
Error response from daemon: Get https://192.168.56.102:5000/v2/: http: server gave HTTP response to HTTPS client
[anliven@anliven ~]$

处理方法

[anliven@anliven ~]$ cat /etc/docker/daemon.json
{
  "registry-mirrors": ["https://t5t8q6wn.mirror.aliyuncs.com"]
}
[anliven@anliven ~]$ 
[anliven@anliven ~]$ sudo vim /etc/docker/daemon.json  # 增加insecure-registries
[anliven@anliven ~]$ cat /etc/docker/daemon.json
{
  "registry-mirrors": ["https://t5t8q6wn.mirror.aliyuncs.com"],"insecure-registries": ["192.168.56.102:5000"]
}
[anliven@anliven ~]$

持久化卷

docker volume create local-registry  # 创建持久化卷,防止容器销毁后,镜像数据也同时被销毁 
docker run -d --name local-registry --restart=always  -p 5000:5000 -v /local-registry:/var/lib/registry registry:latest
posted @ 2021-04-14 23:00  Anliven  阅读(1163)  评论(0编辑  收藏  举报