搭建Docker私有仓库

于 2016-08-01 17:34:46 发布
阅读量5.6k 收藏 1
点赞数
分类专栏: docker 文章标签: docker 容器 registry 私有仓库
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.youkuaiyun.com/liuyuansheng6911/article/details/52087655
版权

搭建Docker私有仓库

有时候使用 Docker Hub 这样的公共仓库可能不方便,用户可以创建一个本地仓库供私人使用。
docker-registry 是官方提供的工具,可以用于构建私有的镜像仓库。

一、私有仓库搭建

这将使用官方的 registry 镜像来启动本地的私有仓库。

1.1 下载registry镜像

[root@localhost ~]# docker pull registry
Using default tag: latest
Trying to pull repository docker.io/library/registry ... 
latest: Pulling from docker.io/library/registry
e110a4a17941: Pull complete 
2ee5ed28ffa7: Pull complete 
d1562c23a8aa: Pull complete 
06ba8e23299f: Pull complete 
802d2a9c64e8: Pull complete 
Digest: sha256:1b68f0d54837c356e353efb04472bc0c9a60ae1c8178c9ce076b01d2930bcc5d
Status: Downloaded newer image for docker.io/registry:latest

1.2 启动容器

[root@localhost ~]# docker run -d -p 5000:5000 registry
dfb79c4226f3d079e7ef7814ea3b1140d32ecbe06b58da75dfc77adb4da3c36b
[root@localhost ~]# 
[root@localhost ~]# 
[root@localhost ~]# docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
dfb79c4226f3        registry            "/entrypoint.sh /etc/"   3 seconds ago       Up 2 seconds        0.0.0.0:5000->5000/tcp   drunk_ardinghelli

二、把镜像上传到私有仓库

创建好私有仓库之后,就可以使用 docker tag 来标记一个镜像,然后推送它到仓库,别的机器上就可以下载下来了。例如本机的IP地址是:192.168.100.143,那么私有仓库地址为 192.168.100.143:5000。如果不想使用IP地址也可以用域名。

2.1 查看本机已有镜像

[root@localhost ~]# docker images
REPOSITORY           TAG                 IMAGE ID            CREATED             SIZE
docker.io/registry   latest              c6c14b3960bd        3 days ago          33.28 MB
docker.io/ubuntu     latest              42118e3df429        9 days ago          124.8 MB

2.2 把镜像标记到私有仓库

[root@localhost ~]# docker tag docker.io/ubuntu 192.168.100.143:5000/ubuntu
[root@localhost ~]# docker images
REPOSITORY                    TAG                 IMAGE ID            CREATED             SIZE
docker.io/registry            latest              c6c14b3960bd        3 days ago          33.28 MB
192.168.100.143:5000/ubuntu   latest              42118e3df429        9 days ago          124.8 MB
docker.io/ubuntu              latest              42118e3df429        9 days ago          124.8 MB

2.3 添加受信私有仓库

如果不做这一步,很有可能会因为HTTPS证书不受信任而导致PUSH失败
[root@localhost ~]# vi /etc/sysconfig/docker
加入下面这一行
INSECURE_REGISTRY=’–insecure-registry 192.168.100.143:5000’

2.4 重启docker和容器

要使修改的配置生效,需要重启docker。而容器无法独立于docker而存在,docker关闭时容器也会随之关闭,所以需要重新启动容器

[root@localhost ~]# systemctl restart docker
[root@localhost ~]# docker start drunk_ardinghelli
drunk_ardinghelli

注: drunk_ardinghelli 是我这里的私有仓库的容器名称

2.5 用 docker push 上传标记的镜像

[root@localhost ~]# docker push 192.168.100.143:5000/ubuntu
The push refers to a repository [192.168.100.143:5000/ubuntu]
9a39129ae0ac: Pushed 
98305c1a8f5e: Pushed 
0185b3091e8e: Pushed 
ea9f151abb7e: Pushed 
latest: digest: sha256:c6674c44c6439673bf56536c1a15916639c47ea04c3d6296c5df938add67b54b size: 1128
[root@localhost ~]# docker images
REPOSITORY                    TAG                 IMAGE ID            CREATED             SIZE
docker.io/registry            latest              c6c14b3960bd        3 days ago          33.28 MB
192.168.100.143:5000/ubuntu   latest              42118e3df429        9 days ago          124.8 MB
docker.io/ubuntu              latest              42118e3df429        9 days ago          124.8 MB

三、使用私有仓库

我们在另外一台服务器上使用刚才建的私有仓库

[root@client ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
[root@client ~]# docker pull 192.168.100.143:5000/ubuntu
Using default tag: latest
Trying to pull repository 192.168.100.143:5000/ubuntu ... 
unable to ping registry endpoint https://192.168.100.143:5000/v0/
v2 ping attempt failed with error: Get https://192.168.100.143:5000/v2/: tls: oversized record received with length 20527
 v1 ping attempt failed with error: Get https://192.168.100.143:5000/v1/_ping: tls: oversized record received with length 20527

这里也需要添加受信主机,具体操作看:步骤2.3

[root@client ~]# vi /etc/sysconfig/docker
[root@client ~]# systemctl restart  docker.service
[root@client ~]# 
[root@client ~]# docker pull 192.168.100.143:5000/ubuntu
Using default tag: latest
Trying to pull repository 192.168.100.143:5000/ubuntu ... 
latest: Pulling from 192.168.100.143:5000/ubuntu
43db9dbdcb30: Pull complete 
2dc64e8f8d4f: Pull complete 
670a583e1b50: Pull complete 
183b0bfcd10e: Pull complete 
Digest: sha256:c6674c44c6439673bf56536c1a15916639c47ea04c3d6296c5df938add67b54b
Status: Downloaded newer image for 192.168.100.143:5000/ubuntu:latest
[root@client ~]# docker images
REPOSITORY                    TAG                 IMAGE ID            CREATED             SIZE
192.168.100.143:5000/ubuntu   latest              42118e3df429        9 days ago          124.8 MB

四、踩过的坑

4.1 push出错

[root@localhost ~]# docker push 192.168.100.143:5000/ubuntu
The push refers to a repository [192.168.100.143:5000/ubuntu]
unable to ping registry endpoint https://192.168.100.143:5000/v0/
v2 ping attempt failed with error: Get https://192.168.100.143:5000/v2/: tls: oversized record received with length 20527
 v1 ping attempt failed with error: Get https://192.168.100.143:5000/v1/_ping: tls: oversized record received with length 20527

因为没有执行步骤2.3和2.4

五、参考

  1. 《Docker —— 从入门到精通》 - https://yeasy.gitbooks.io/docker_practice/content/repository/local_repo.html
  2. Adding trusted root certificates to the server 外国网友说这里可以解决CA问题 - http://kb.kerio.com/product/kerio-connect/server-configuration/ssl-certificates/adding-trusted-root-certificates-to-the-server-1605.html
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值