一、Docker仓库管理
- 下载私有仓库registry为Docker官方提供的一个镜像,我们可以用它来来创建本地的Docker私有仓库
bash-3.2# docker pull registry
- 以registry镜像启动容器,监听5000端口
bash-3.2# docker run -d -p 5000:5000 registry #容器的5000端口映射到本机5000端口
1f5a0fdb8e35c7aea776793f3de5edbace7a9aabdbd36f8ac0a1c6413a8a6633
bash-3.2# docker ps
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1f5a0fdb8e35 registry "docker-registry" 19 minutes ago Up 19 minutes 0.0.0.0:5000->5000/tcp stoic_mccarthy
bash-3.2# curl 127.0.0.1:5000 #检测容器5000端口是否正常
"\"docker-registry server\""
- 镜像改名
bash-3.2# docker pull busybox #这个镜像比较小,仅为实验方便.
bash-3.2# docker tag busybox 192.168.1.40:5000/busybox:v01 #镜像改名
###仓库名必须带有私有仓库的ip:port,192.168.1.40是宿主机的内网ip
bash-3.2# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
192.168.1.40:5000/busybox v01 437595becdeb 3 months ago 1.113 MB
- 镜像上传到私有仓库
bash-3.2# docker push 192.168.1.40:5000/busybox
Error response from daemon: invalid registry endpoint https://192.168.1.40:5000/v0/: unable to ping registry endpoint https://192.168.1.40:5000/v0/
v2 ping attempt failed with error: Get https://192.168.1.40:5000/v2/: EOF
v1 ping attempt failed with error: Get https://192.168.1.40:5000/v1/_ping: EOF. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `--insecure-registry 192.168.1.40:5000` to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/192.168.1.40:5000/ca.crt
### 这是因为Docker从1.3X之后,与Docker registry交互默认使用的是https, 然而此处搭建的私有仓库只提供http服务,所以当与私有仓库交互时就会报上面的错误. 为了解决这个问题需要在启动docker server 时增加启动参数为默认使用http访问。解决办法如下:
bash-3.2# vim /etc/init.d/docker
58 $exec -d --insecure-registry 192.168.1.40:5000 $other_args &>> $logfile & #修改后的命令
bash-3.2# /etc/init.d/docker restart
bash-3.2# docker start 1f5a0fdb8e35 #启动刚才创建的registry容器
bash-3.2# docker push 192.168.1.40:5000/busybox #上传镜像
- 查看私有仓库镜像
bash-3.2# curl http://192.168.1.40:5000/v1/search
{"num_results": 1, "query": "", "results": [{"description": "", "name": "library/busybox"}]}
### 也可以通过浏览器访问http://192.168.1.40:5000/v1/search
- 下载私有仓库镜像(另外一台docker机器)
bash-3.2# vim /etc/init.d/docker
58 $exec -d --insecure-registry 192.168.1.40:5000 $other_args &>> $logfile & #添加私有cang ku di
bash-3.2# /etc/init.d/docker restart
bash-3.2# docker pull 192.168.1.40:5000/busybox