Docker
一、Docker 私有仓库搭建
环境centos 6
192.168.1.2 Docker 仓库
192.168.1.3 客户端
安装 启动(centos 7 直接yum安装)
[root@localhost ~]# wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
[root@localhost ~]# rpm -ivh epel-release-latest-6.noarch.rpm
[root@localhost ~]# yum install docker-io -y
[root@localhost ~]# service docker start
[root@localhost ~]# chkconfig docker on
192.168.1.2 搭建仓库
下载registry镜像
[root@localhost ~]# docker pull registry
添加防火墙端口
[root@localhost ~]# iptables -I INPUT 1 -p tcp --dport 5000 -j ACCEPT
启动registry
[root@localhost ~]# docker run -d -p 5000:5000 --name registry -v /opt/registry:/tmp/registry registry
参数说明:
-v /opt/registry:/tmp/registry :默认情况下,会将仓库存放于容器内的/tmp/registry目录下,指定本地目录挂载到容器
192.168.1.3 客户端
修改/etc/sysconfig/docker,重启docker,否则,上传会报错
other_args='--insecure-registry 192.168.0.179:5000' #CentOS6系统
OPTIONS='--insecure-registry 192.168.0.179:5000' #CentOS7系统
[root@localhost ~]# docker pull busybox
修改镜像的tag
[root@localhost ~]# docker tag busybox 192.168.1.2:5000/busybox
push
[root@localhost ~]# docke push 192.168.1.2:5000/busybox
pull
[root@localhost ~]# docke pull 192.168.1.2:5000/busybox
将容器生成新的镜像 (运行中的镜像称为容器)
语法格式: docker commit[repo:tag] 将一个container固化为一个新的image,后面的repo:tag可选。
[root@localhost ~]# docker ps
[root@localhost ~]# docker commit 0582b988469a java-test
[root@localhost ~]# docker images
报错总结:
1、启动端口报错
[root@localhost ~]# docker run -d -p 5000:5000 --privileged=true -v /opt/registry:/tmp/registry registry
7ff8b83095ab5bcdb487009f9515b56fbb2d9d99bae2e4a1c954c3747babcf6d
Error response from daemon: Cannot start container 7ff8b83095ab5bcdb487009f9515b56fbb2d9d99bae2e4a1c954c3747babcf6d: iptables failed: iptables -t nat -A DOCKER -p tcp -d 0/0 --dport 5000 -j DNAT --to-destination 172.17.0.6:5000 ! -i docker0: iptables: No chain/target/match by that name.
(exit status 1)
解决方法:
重启docker(service docker restart)
2、上传镜像出错
解决方法:
[root@localhost ~]# vim /etc/sysconfig/docker
other_args="--insecure-registry 192.168.1.2:5000"
docker 持久化: