实验:构建本地无认证docker仓库registry
实验:本地仓库
1、拉取registry
docker pull registry
2、修改json文件,增加本地无认证仓库地址
vi /etc/docker/daemon.json
{
"insecure-registries":["本地ip:5000"]
}
3、重启docker服务
[root@localhost ~]# systemctl daemon-reload
[root@localhost ~]# systemctl restart docker
4、开启registry容器
docker run -idt -v /root/opt:/var/lib/registry -p 5000:5000 --restart=always --name=myregistry --privileged=true registry
开启终端和输入并且后台运行
映射本地/root/opt到容器内的/var/lib/registry
映射本机5000端口到容器5000端口
重启容器,总是
名称myregistry。开启特权模式
镜像为 registry
5、验证端口开启,验证仓库
ss -nlt 查看5000端口是否打开
主机访问网址 http://ip:5000/v2/_catalog
显示{"repositories":[]} 说明开启了
6、给镜像打私有tag
先下载一个busybox
docker pull busybox
打tag
docker tag busybox 192.168.102.131:5000/mybusybox
docker images
192.168.102.131:5000/mybusybox latest 8ac48589692a 4 weeks ago 1.15 MB
docker.io/busybox latest 8ac48589692a 4 weeks ago 1.15 MB
7、推送到本地私有仓库
docker push 192.168.102.131:5000/mybusybox
8、验证
显示{"repositories":["mybusybox"]}
说明mybusybox已经上传到仓库
[root@localhost ~]# docker exec -it registy sh
/ # ls /var/lib/registry/docker/registry/v2/repositories
mybusybox
/ # ls /var/lib/registry/docker/registry/v2/repositories/mybusybox/
_layers _manifests _uploads
9、从私有仓库下载
为了看到效果,先删掉原来的镜像
docker rmi 192.168.102.131:5000/mybusybox
docker images
[root@localhost ~]# docker pull 192.168.102.131:5000/mybusybox
Using default tag: latest
Trying to pull repository 192.168.102.131:5000/mybusybox ...
latest: Pulling from 192.168.102.131:5000/mybusybox
Digest: sha256:186694df7e479d2b8bf075d9e1b1d7a884c6de60470006d572350573bfa6dcd2
Status: Downloaded newer image for 192.168.102.131:5000/mybusybox:latest