为了能到远方,脚下的|
收藏闪存小组博问

高宏宇

园龄:5年2个月粉丝:4关注:5

docker login 私有仓库时报错

连接私有harbor报错如下:
docker login 192.168.1.88 -uadmin -pHarbor12345

WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Error response from daemon: Get "https://192.168.1.88/v2/": x509: cannot validate certificate for 192.168.1.88 because it doesn't contain any IP SANs

解决办法:

1、在/etc/docker/daemon.json中添加私有仓库地址

{
"insecure-registries":["192.168.1.88"],
"registry-mirrors":["https://rsbud4vc.mirror.aliyuncs.com","https://registry.docker-cn.com","https://docker.mirrors.ustc.edu.cn","https://dockerhub.azk8s.cn","http://hub-mirror.c.163.com","http://qtid6917.mirror.aliyuncs.com", "https://rncxm540.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver":"json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver":"overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
]
}

部分参数(registry-mirrors、insecure-registries ...)修改,只要reconfigure(systemctl reload docker) 就生效

"registry-mirrors": ["https://8f6a79wk.mirror.aliyuncs.com"]           # 镜像加速地址
"insecure-registries":["私库地址"]         # Docker如果需要从非SSL源管理镜像,这里加上。

2、在/usr/lib/systemd/system/docker.service中添加私有仓库地址 --insecure-registry=https://192.168.1.88

cat /usr/lib/systemd/system/docker.service

[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target docker.socket firewalld.service containerd.service
Wants=network-online.target
Requires=docker.socket containerd.service
 
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --insecure-registry=https://192.168.1.88
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
 
# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3
 
# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s
 
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
 
# Comment TasksMax if your systemd version does not support it.
# Only systemd 226 and above support this option.
TasksMax=infinity
 
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
 
# kill only the docker process, not all processes in the cgroup
KillMode=process
OOMScoreAdjust=-500
 
[Install]
WantedBy=multi-user.target

重启docker服务

systemctl daemon-reload
systemctl restart docker

3.检查本地hosts文件

报错:
docker login 192.168.1.88 -u admin -pHarbor12345

WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Error response from daemon: Get "https://192.168.1.88/v2/": Get "https://dockerhub/service/token?account=admin&client_id=docker&offline_token=true&service=harbor-registry": dial tcp: lookup dockerhub on 114.114.114.114:53: no such host

检查部署harbor服务的机器配置文件:
cat harbor.cfg |grep -v "#"|grep hostname

hostname = dockerhub

修改本地hosts文件:
cat /etc/hosts

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
 
192.168.1.88 dockerhub

本文作者:高宏宇

本文链接:https://www.cnblogs.com/gaohongyu/p/16992308.html

版权声明:本作品采用知识共享署名-非商业性使用-禁止演绎 2.5 中国大陆许可协议进行许可。

posted @   高宏宇  阅读(736)  评论(0编辑  收藏  举报
点击右上角即可分享
微信分享提示
SQL AI 助手
评论
收藏
关注
推荐
深色
回顶
收起