搭建 Docker私有仓库
2019-08-16 本文已影响0人
___n
1. 关于Registry
官方的Docker hub是一个用于管理公共镜像的好地方,我们可以在上面找到我们想要的镜像,也可以把我们自己的镜像推送上去。但是,有时候,我们的使用场景需要我们拥有一个私有的镜像仓库用于管理我们自己的镜像。这个可以通过开源软件Registry来达成目的。
2. Registry的部署
运行下面命令获取registry镜像,
docker search registry
INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
docker.io docker.io/registry The Docker Registry 2.0 implementation for... 2655 [OK]
docker.io docker.io/distribution/registry WARNING: NOT the registry official image!!... 57 [OK]
docker.io docker.io/stefanscherer/registry-windows Containerized docker registry for Windows ... 26
docker.io docker.io/budry/registry-arm Docker registry build for Raspberry PI 2 a... 18
docker.io docker.io/deis/registry Docker image registry for the Deis open so... 12
docker.io docker.io/anoxis/registry-cli You can list and delete tags from your pri... 7 [OK]
docker.io docker.io/vmware/registry 5
docker.io docker.io/allingeek/registry A specialization of registry:2 configured ... 4 [OK]
docker.io docker.io/pallet/registry-swift Add swift storage support to the official ... 4 [OK]
docker.io docker.io/jc21/registry-ui A nice web interface for managing your Doc... 2
docker.io docker.io/conjurinc/registry-oauth-server Docker registry authn/authz server backed ... 1
docker.io docker.io/goharbor/registry-photon 1
docker.io docker.io/ibmcom/registry Docker Image for IBM Cloud private-CE (Com... 1
docker.io docker.io/metadata/registry Metadata Registry is a tool which helps yo... 1 [OK]
docker.io docker.io/webhippie/registry Docker images for Docker Registry 1 [OK]
docker.io docker.io/concourse/registry-image-resource 0
docker.io docker.io/convox/registry 0
docker.io docker.io/deepsecurity/registryviews Deep Security Smart Check 0
docker.io docker.io/ghmlee/registrybot registrybot 0 [OK]
docker.io docker.io/gisjedi/registry-proxy Reverse proxy of registry mirror image gis... 0
docker.io docker.io/kontena/registry Kontena Registry 0
docker.io docker.io/lorieri/registry-ceph Ceph Rados Gateway (and any other S3 compa... 0
docker.io docker.io/upmcenterprises/registry-creds 0
docker.io docker.io/vmware/registry-photon 0
docker.io docker.io/zoined/registry Private Docker registry based on registry:2 0
docker pull registry
然后启动一个容器,这里的 /opt/registry 是我们本地的目录,用于存储上传的镜象,/var/lib/registry是Registry服务默认的保存镜象目录
docker run -d -v /opt/registry:/var/lib/registry -p 5000:5000 --restart=always --name registry registry
运行 docker ps 看一下容器情况,
sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f3766397a458 registry "/bin/registry /etc/d" 46 seconds ago Up 45 seconds 0.0.0.0:5000->5000/tcp registry
说明我们已经启动了registry服务,打开浏览器输入http://127.0.0.1:5000/v2,正常返回如下数据
{}
3. 验证
现在我们通过将镜像push到registry来验证一下。
我的机器上有个hello-world的镜像,我们要通过docker tag将该镜像标志为要推送到私有仓库,
docker tag hello-world 127.0.0.1:5000/hello-world
然后查看以下本地的镜像,
docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
registry 2.1.1 b91f745cd233 5 days ago 220.1 MB
ubuntu 14.04 a5a467fddcb8 6 days ago 187.9 MB
hello-world latest 975b84d108f1 2 weeks ago 960 B
127.0.0.1:5000/hello-world latest 975b84d108f1 2 weeks ago 960 B
接下来,我们运行docker push将hello-world镜像push到我们的私有仓库中,
docker push 127.0.0.1:5000/hello-world
The push refers to a repository [127.0.0.1:5000/hello-world] (len: 1)
975b84d108f1: Image successfully pushed
3f12c794407e: Image successfully pushed
latest: digest: sha256:1c7adb1ac65df0bebb40cd4a84533f787148b102684b74cb27a1982967008e4b size: 2744
现在我们可以查看我们本地/opt/registry目录下已经有了刚推送上来的hello-world。我们也在浏览器中输入http://127.0.0.1:5000/v2/_catalog,正常返回如下数据
{"repositories":{hello-world}}
现在我们可以先将我们本地的127.0.0.1:5000/hello-world和hello-world先删除掉,
docker rmi hello-world
docker rmi 127.0.0.1:5000/hello-world
然后使用docker pull从我们的私有仓库中获取hello-world镜像,
docker pull 127.0.0.1:5000/hello-world
Using default tag: latest
latest: Pulling from hello-world
b901d36b6f2f: Pull complete
0a6ba66e537a: Pull complete
Digest: sha256:1c7adb1ac65df0bebb40cd4a84533f787148b102684b74cb27a1982967008e4b
Status: Downloaded newer image for 127.0.0.1:5000/hello-world:latest
lienhua34@lienhua34-Compaq-Presario-CQ35-Notebook-PC ~ $ sudo docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
registry 2.1.1 b91f745cd233 5 days ago 220.1 MB
ubuntu 14.04 a5a467fddcb8 6 days ago 187.9 MB
127.0.0.1:5000/hello-world latest 0a6ba66e537a 2 weeks ago 960 B
4. 可能问题
可能会出现无法push镜像到私有仓库的问题。这是因为我们启动的registry服务不是安全可信赖的。这是我们需要修改docker的配置文件/etc/default/docker,添加下面的内容,
DOCKER_OPTS="--insecure-registry xxx.xxx.xxx.xxx:5000"
然后重启docker后台进程,
service docker restart
这是再push即可。
