创建私有Docker Registry的坑

1.创建私有docker registry：

docker run -d -p 5000:5000 -v /opt/data/registry:/tmp/registry --name registry registry:2

 

清理过期容器的shell脚本：

#!/bin/bash
docker stop $(docker ps -a -q)
docker rm $(docker ps -a -q)

 

2.创建docker registry，假如不使用默认的https格式，那么所有的客户端和服务端必须设置--insecure-registry的标志，才可以成功的使用push和pull命令。

注意：windows docker machine目前没有解决方案，可谷歌解决方案，在创建virtual machine时候传入-insecure-registry参数。

linux系统下具体错误信息：

[root@gtest0 ~]# docker pull 42.62.101.83:5000/busybox
Using default tag: latest
Error response from daemon: Get https://42.62.101.83:5000/v1/_ping: tls: oversized record received with length 20527

下面为Centos的设置步骤：

备份原有的服务：cp /usr/lib/systemd/system/docker.service /usr/lib/systemd/system/docker.service.bak

更改服务内容配置： vi /usr/lib/systemd/system/docker.service 

[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network.target docker.socket
Requires=docker.socket

[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
#ExecStart=/usr/bin/docker daemon -H fd://
ExecStart=/usr/bin/docker daemon --insecure-registry 42.62.101.83:5000 -H fd:// $OPTIONS $DOCKER_STORAGE_OPTIONS

MountFlags=slave
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes

[Install]
WantedBy=multi-user.target

 

生效服务：systemctl daemon-reload 

 service docker restart