3 docker私有镜像仓库
3.1准备服务器
重新安装CENTOS7,加大磁盘空间。
ip |
配置 |
登录 |
192.168.168.168 |
4核虚拟CPU/4G内存/300G磁盘 |
22/密钥登陆/LCZY@mv-1 |
3.2服务器初始化
密钥登陆:
防火墙:
sed -i "s#SELINUX=enforcing#SELINUX=disabled#g" /etc/selinux/config
setenforce 0
systemctl stop firewalld
systemctl disable firewalld
Yum源:
vi /etc/yum.repos.d/CentOS-Base.repo
替换163源,见附件。直接清空原有内容,复制粘贴。
亦或上传附件,cat 附件 > /etc/yum.repos.d/CentOS-Base.repo
然后 yum clean all yum makecache
docker安装,同上1.4.
3.3Docker Registry快速搭建私有镜像
3.3.1拉取镜像
docker pull registry
3.3.2 运行
docker run -d -v /home/registory:/var/lib/registry -p 5000:5000 --restart=always --privileged=true --name registry registry:latest
参数说明
-itd:在容器中打开一个伪终端进行交互操作,并在后台运行;
-v:把宿主机的/home/registory目录绑定 到 容器/var/lib/registry目录(这个目录是registry容器中存放镜像文件的目录),来实现数据的持久化;
-p:映射端口;访问宿主机的5000端口就访问到registry容器的服务了;
--restart=always:这是重启的策略,假如这个容器异常退出会自动重启容器;
--name registry:创建容器命名为registry,你可以随便命名;
registry:latest:这个是刚才pull下来的镜像;
3.3.3使用
3.3.3.1首先拉取nginx镜像。
当我们执行 docker pull xxx 的时候,它实际上是从 registry.hub.docker.com 这个地址去查找,这就是Docker公司为我们提供的公共仓库。
[root@docker-registry ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
bc51dd8edc1b: Pull complete
66ba67045f57: Pull complete
bf317aa10aa5: Pull complete
Digest: sha256:ad5552c786f128e389a0263104ae39f3d3c7895579d45ae716f528185b36bc6f
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
3.3.3.2 tag
将nginx重新tag,注意:“/”前边是你的仓库所在服务器的ip+映射的端口
[root@docker-registry ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 2073e0bcb60e 3 weeks ago 127MB
registry latest 708bc6af7e5e 4 weeks ago 25.8MB
[root@docker-registry ~]# docker tag nginx:latest 192.168.168.168:5000/nginxtest:latest
[root@docker-registry ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.168.168:5000/nginxtest latest 2073e0bcb60e 3 weeks ago 127MB
nginx latest 2073e0bcb60e 3 weeks ago 127MB
registry latest 708bc6af7e5e 4 weeks ago 25.8MB
3.3.3.3 push上传到私有仓库
[root@docker-registry ~]# docker push 192.168.168.168:5000/nginxtest:latest
The push refers to repository [192.168.168.168:5000/nginxtest]
Get https://192.168.168.168:5000/v2/: http: server gave HTTP response to HTTPS client
出现报错,原因是docker私有仓库服务器,默认是https协议,所以我们需要进行修改不使用https。因此,修改(若无此文件就创建)
[root@docker-registry ~]# vim /etc/docker/daemon.json
添加:
{
"insecure-registries":["192.168.168.168:5000"]
}
重启docker服务
[root@docker-registry ~]# systemctl daemon-reload
[root@docker-registry ~]# systemctl restart docker
重启后看到我们之前always启动的registry,自动运行。
[root@docker-registry ~]# docker ps
重新上传push操作。成功。
[root@docker-registry ~]# docker push 192.168.168.168:5000/nginxtest:latest
The push refers to repository [192.168.168.168:5000/nginxtest]
22439467ad99: Pushed
b4a29beac87c: Pushed
488dfecc21b1: Pushed
latest: digest: sha256:62f787b94e5faddb79f96c84ac0877aaf28fb325bfc3601b9c0934d4c107ba94 size: 948
3.3.3.4测试拉取功能
首先删除原有的镜像
[root@docker-registry ~]# docker rmi 192.168.168.168:5000/nginxtest:latest
Untagged: 192.168.168.168:5000/nginxtest:latest
Untagged: 192.168.168.168:5000/nginxtest@sha256:62f787b94e5faddb79f96c84ac0877aaf28fb325bfc3601b9c0934d4c107ba94
Deleted: sha256:2073e0bcb60ee98548d313ead5eacbfe16d9054f8800a32bedd859922a99a6e1
Deleted: sha256:a3136fbf38691346715cac8360bcdfca0fff812cede416469653670f04e2cab0
Deleted: sha256:99360ffcb2da18fd9ede194efaf5d4b90e7aee99f45737e918113e6833dcf278
Deleted: sha256:488dfecc21b1bc607e09368d2791cb784cf8c4ec5c05d2952b045b3e0f8cc01e
[root@docker-registry ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
registry latest 708bc6af7e5e 4 weeks ago 25.8MB
尝试拉取镜像操作,发现速度飞快。
[root@docker-registry ~]# docker pull 192.168.168.168:5000/nginxtest:latest
latest: Pulling from nginxtest
bc51dd8edc1b: Pull complete
66ba67045f57: Pull complete
bf317aa10aa5: Pull complete
Digest: sha256:62f787b94e5faddb79f96c84ac0877aaf28fb325bfc3601b9c0934d4c107ba94
Status: Downloaded newer image for 192.168.168.168:5000/nginxtest:latest
192.168.168.168:5000/nginxtest:latest
3.3.4查看
3.3.4.1 私有云docker镜像列表
[root@docker-registry ~]# curl -XGET http://192.168.168.168:5000/v2/_catalog
{"repositories":["nginxtest"]}
3.3.4.2 查看某个镜像的标签列表
[root@docker-registry ~]# curl -XGET http://192.168.168.168:5000/v2/nginxtest/tags/list
{"name":"nginxtest","tags":["latest"]}
3.3.4.3 服务器文件
[root@docker-registry repositories]# ls
nginxtest
[root@docker-registry repositories]# pwd
/home/registory/docker/registry/v2/repositories