一:Docker私有倉庫安裝
1、 下載鏡像是有鏡像倉庫:
[root@localhost ~]# systemctl start docker
#如果已經(jīng)有鏡像了,強(qiáng)制刪除原來的鏡像的方式如下:
[root@xxx-pub /]# docker rmi -f docker.io/registry
Untagged: docker.io/registry:latest
Untagged: docker.io/registry@sha256:51bb55f23ef7e25ac9b8313b139a8dd45baa832943c8ad8f7da2ddad6355b3c8
[root@xxx-pub /]#
#開始下載最新的鏡像。
[root@localhost ~]# docker pull registry
Using default tag: latest
latest: Pulling from library/registry
4064ffdc82fe: Pull complete
c12c92d1c5a2: Pull complete
4fbc9b6835cc: Pull complete
765973b0f65f: Pull complete
3968771a7c3a: Pull complete
Digest: sha256:20bbbc0f6384cf7dc6e292ccbe75935b73c92ec776543c970904bc60feceb129
Status: Downloaded newer image for registry:latest
[root@localhost ~]#
2、 啟動(dòng)并且掛載鏡像倉庫到本地磁盤:
[root@xxx-pub /]# docker run -d -v /registry:/home/docker-registry -p 5000:5000 --restart=always --privileged=true --name registry registry:latest
Unable to find image 'registry:latest' locally
Trying to pull repository docker.io/library/registry ...
latest: Pulling from docker.io/library/registry
Digest: sha256:51bb55f23ef7e25ac9b8313b139a8dd45baa832943c8ad8f7da2ddad6355b3c8
Status: Downloaded newer image for docker.io/registry:latest
b7bd2b14ed488936afe798be95f3cd56f604fb092d45cf6f4a58359bcad0d34c
[root@xxx-pub /]#
- -v /registry:/home/docker-registry:默認(rèn)情況下,會(huì)將倉庫存放于容器內(nèi)的/home/docker-registry目錄下,指定本地目錄掛載到容器。
- -p 5000:5000 :端口映射。即本地5000端口,映射到registry中的5000端口。
- –restart=always1:在容器退出時(shí)總是重啟容器,主要應(yīng)用在生產(chǎn)環(huán)境。
- –privileged=true:在CentOS7中的安全模塊selinux把權(quán)限禁掉了,參數(shù)給容器加特權(quán),不加上傳鏡像會(huì)報(bào)類似權(quán)限錯(cuò)誤。OSError: [Errno 13] Permission denied: ‘/tmp/registry/repositories/liibrary')或者(Received unexpected HTTP status: 500 Internal Server Error)
- –name registry:指定容器的名稱。
為了持久化數(shù)據(jù),將volume掛載到/home/docker-registry
3、 我們給一個(gè)本地鏡像打個(gè)標(biāo)簽然后上傳:
查看本地有哪些鏡像:
[root@xxx-pub /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/centos centos7.5.1804 fdf13fa91c6e 4 weeks ago 200 MB
docker.io/registry latest b2b03e9146e1 2 months ago 33.3 MB
[root@xxx-pub /]#
以docker.io/centos為案例。
[root@xxx-pub /]# docker tag fdf13fa91c6e localhost:5000/xxx-centos7.5.1804:1.0
##localhost:5000表示倉庫地址,fdf13fa91c6e表示images id,xxx-centos7.5.1804表示鏡像名稱,1.0表示版本號(hào)。
或:
[root@xxx-pub /]# docker tag docker.io/centos:centos7.5.1804 localhost:5000/xxx-centos7.5.1804:1.0
4、 直接上傳:
[root@xxx-pub /]# docker push localhost:5000/xxx-centos7.5.1804:1.0
The push refers to a repository [localhost:5000/xxx-centos7.5.1804]
bcc97fbfc9e1: Pushed
1.0: digest: sha256:7c14180942615fef85cb5c8b1388e028be1a8f79694a5fa30a4025173e42ad61 size: 529
[root@xxx-pub /]#
在PUSH的過程中可能報(bào)類似如下的錯(cuò)誤(以下是網(wǎng)絡(luò)上的錯(cuò)誤提示):
[root@localhost ~]# docker push 192.168.174.128:5000/hello:latest
The push refers to a repository [192.168.174.128:5000/hello]
unable to ping registry endpoint https://192.168.174.128:5000/v0/
v2 ping attempt failed with error: Get https://192.168.174.128:5000/v2/: http: server gave HTTP response to HTTPS client
v1 ping attempt failed with error: Get https://192.168.174.128:5000/v1/_ping: http: server gave HTTP response to HTTPS client
[root@localhost ~]#
解決辦法:
使用的是https,修改/etc/sysconfig/docker(這里是Centos7下的docker)文件,加上ADD_REGISTRY='–add-registry 192.168.18.162:5000',INSECURE_REGISTRY='–insecure-registry 192.168.18.162:5000' (上面是歷史的docker版本的配置),如下圖:
但是在新的docker容器倉庫的配置中,自己的docker容器中的配置采用(這里在docker registry和另外pull鏡像的機(jī)器上都指定如下的配置):
指定完成之后,要重啟docker,重啟的配置如下:
[root@youx-pub volumes]# systemctl restart docker
另外:查看一下docker.service,查看一下配置文件:
[root@youx-pub registry]find / -name docker.service
/sys/fs/cgroup/memory/system.slice/docker.service
/sys/fs/cgroup/devices/system.slice/docker.service
/sys/fs/cgroup/blkio/system.slice/docker.service
/sys/fs/cgroup/cpu,cpuacct/system.slice/docker.service
/sys/fs/cgroup/pids/system.slice/docker.service
/sys/fs/cgroup/systemd/system.slice/docker.service
/usr/lib/systemd/system/docker.service
[root@youx-pub registry]# vim /usr/lib/systemd/system/docker.service
然后執(zhí)行一下:
#因?yàn)榭梢杂糜趕ystemctl啟動(dòng)的docker.service文件變化了,所以得執(zhí)行以下配置。然后執(zhí)行docker的重啟工作
systemctl daemon-reload
systemctl restart docker
如果還是報(bào)如下錯(cuò)誤:
[root@youx-pub registry]# docker push 192.168.18.162:5000/nginx:1.2
The push refers to a repository [192.168.18.162:5000/nginx]
Get https://192.168.18.162:5000/v1/_ping: http: server gave HTTP response to HTTPS client
[root@youx-pub registry]#
解決辦法是:
在/etc/docker下創(chuàng)建daemon.json,內(nèi)容是:
{"insecure-registries":["192.168.18.162:5000"]}
然后再重啟docker容器:
[root@youx-pub volumes]# systemctl restart docker
5、 上傳完成,我們可以查看一下掛載目錄是否有鏡像:
[root@xxx-pub docker-registry]# pwd
/home/docker-registry
[root@xxx-pub docker-registry] # ls /registry/
Docker
6、 關(guān)于本地鏡像的查看:
[root@xxx-pub docker-registry]# curl http://192.168.18.162:5000/v2/_catalog
{"repositories":["xxx-centos7.5.1804","xxx-centos7.5.1804-v1.0"]}
[root@xxx-pub docker-registry]#
7、 看到有兩個(gè)鏡像,我們要獲取他的標(biāo)簽信息以便下載呢:
[root@xxx-pub docker-registry]# curl http://192.168.18.162:5000/v2/xxx-centos7.5.1804/tags/list
{"name":"xxx-centos7.5.1804","tags":["1.0"]}
[root@xxx-pub docker-registry]#
8、 然后我們直接下載鏡像(到另電腦上):
[root@bigdata2 ~]# docker pull 192.168.18.162:5000/youx-centos7.5.1804:1.0
Using default tag: latest
Trying to pull repository 192.168.18.162/youx-centos7.5.1804 ...
Get https://192.168.18.162/v1/_ping: dial tcp 192.168.18.162:443: getsockopt: no route to host
[root@bigdata2 ~]#
如果出現(xiàn)上面的情況,解決辦法是:
編譯:
[root@youx-pub volumes]# vim /etc/containers/registries.conf 這個(gè)文件。
舊的是編輯:/etc/sysconfig/docker 這個(gè)文件
然后重啟docker
[root@youx-pub volumes]# systemctl restart docker
然后發(fā)現(xiàn)可以pull了
#要注意的是,這里的地址是:倉庫地址:倉庫端口號(hào)/REPOSITORY:TAG
[root@bigdata2 ~]# docker pull 192.168.18.162:5000/youx-centos7.5.1804:1.0
如果還不行,需要修改/etc/docker/daemon.json,內(nèi)容如下:
[root@bigdata2 docker]# cat daemon.json
{"insecure-registries":["192.168.18.162:5000"]}
二、從另外一臺(tái)機(jī)器上上傳鏡像到docker鏡像倉庫:
[root@bigdata2 ~]# docker tag centos7-jdk8-nginx:1.0 192.168.18.162:5000/centos7-jdk8-nginx:1.0
[root@bigdata2 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.18.162:5000/centos7-jdk8-nginx 1.0 bcacd65e2a2e 2 minutes ago 2.18 GB
[root@bigdata2 ~]# docker push 192.168.18.162:5000/centos7-jdk8-nginx:1.0
The push refers to a repository [192.168.18.162:5000/centos7-jdk8-nginx]
f018e9c38a66: Pushed
2a47dcd341ef: Pushed
c5dea3bc729a: Pushed
bcc97fbfc9e1: Pushed
1.0: digest: sha256:d907ff2f8eb590209700c01ce85c78d0bc778a4238539d747e4667d68cb52102 size: 1163
[root@bigdata2 ~]#
然后進(jìn)入docker鏡像倉庫所在位置:
[root@youx-pub registry]# curl http://192.168.18.162:5000/v2/_catalog
{"repositories":["centos7-jdk8-nginx","nginx"]}
[root@youx-pub registry]# curl http://192.168.18.162:5000/v2/centos7-jdk8-nginx/tags/list
{"name":"centos7-jdk8-nginx","tags":["1.0"]}
[root@youx-pub registry]#
三、本地鏡像如何刪除,正常是不提供刪除功能的,所以使用第三方的插件來進(jìn)行刪除
插件github上的位置:
https://github.com/burnettk/delete-docker-registry-image
1、下載資源
[root@master registry]# curl https://raw.githubusercontent.com/burnettk/delete-docker-registry-image/master/delete_docker_registry_image.py | sudo tee /usr/local/bin/delete_docker_registry_image >/dev/null
sudo chmod a+x /usr/local/bin/delete_docker_registry_image
2、 設(shè)置相關(guān)環(huán)節(jié)變量:
查找REGISTRY_DATA_DIR,命令:
[root@youx-pub registry]# find / -name registry
[root@youx-pub registry]# find / -name registry
/var/lib/docker/overlay2/d72320cd67b42f7ae66342cc6dedab7abe5e89106de8c4919ec8c5a6e5940b09/diff/var/lib/ucf/registry
/var/lib/docker/overlay2/92211417089f7be8239def550e1e89ce3f0e50ac57f2c36ba723ca312ea06ae3/diff/bin/registry
/var/lib/docker/overlay2/c1716aea0b380eb94ead9aa02552769acd4c3dac8e6dab735997f1709ce79a33/diff/etc/docker/registry
/var/lib/docker/overlay2/46f719f01255c431b4343e78607341d6d66ea482bc6d03c3b4e05e7413f46be6/diff/var/lib/registry
/var/lib/docker/overlay2/46f719f01255c431b4343e78607341d6d66ea482bc6d03c3b4e05e7413f46be6/merged/bin/registry
/var/lib/docker/overlay2/46f719f01255c431b4343e78607341d6d66ea482bc6d03c3b4e05e7413f46be6/merged/etc/docker/registry
/var/lib/docker/overlay2/46f719f01255c431b4343e78607341d6d66ea482bc6d03c3b4e05e7413f46be6/merged/var/lib/registry
/var/lib/docker/volumes/1522d54c954c755250cb71686cacd9714cd3d0f0c706ec18c1e490c7881fe713/_data/docker/registry
/opt/data/registry
/registry
[root@youx-pub registry]#
發(fā)現(xiàn)
[root@youx-pub repositories]# pwd
/var/lib/docker/volumes/1522d54c954c755250cb71686cacd9714cd3d0f0c706ec18c1e490c7881fe713/_data/docker/registry/v2/repositories
[root@youx-pub repositories]# ls
centos7-jdk8-nginx nginx
[root@youx-pub repositories]#
所以設(shè)置鏡像倉庫的位置為:
[root@master registry]# export REGISTRY_DATA_DIR=/var/lib/docker/volumes/1522d54c954c755250cb71686cacd9714cd3d0f0c706ec18c1e490c7881fe713/_data/docker/registry/v2
地址就是咱們掛載地址:
看一下相關(guān)標(biāo)簽:
[root@youx-pub registry]# curl http://192.168.18.162:5000/v2/_catalog
{"repositories":["youx-centos7.5.1804","youx-centos7.5.1804-v1.0"]}
[root@youx-pub registry]# curl http://192.168.18.162:5000/v2/youx-centos7.5.1804-v1.0/tags/list
{"name":"youx-centos7.5.1804-v1.0","tags":["latest"]}
[root@youx-pub registry]#
可以之后我們直接刪除:
[root@master registry]# delete_docker_registry_image --image youx-centos7.5.1804-v1.0:latest
INFO [2017-04-08 11:39:39,793] Deleting /registry/docker/registry/v2/repositories/nginx/_manifests/tags/v1
咱們再看一下本地倉庫的鏡像有幾個(gè):
[root@master registry]# curl http://192.168.18.162:5000/v2/_catalog
{"repositories":["youx-centos7.5.1804"]}
以上就是本文的全部內(nèi)容,希望對大家的學(xué)習(xí)有所幫助,也希望大家多多支持腳本之家。