使用registry镜像创建私有仓库
安装Docker后,可以通过官方提供的registry镜像来简单搭建一套本地私有仓库环境。
[root@localhost ~]# docker pull registry[root@localhost ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZEregistry latest 5c929a8b587a 8 hours ago 33.27 MBgenesis_centos latest 85bc3a58f134 4 days ago 277.6 MBcentos-6-x86 latest 8fca9486a39b 12 days ago 341.3 MBcentos_with_net latest 3e8ea8607f08 4 weeks ago 294.9 MBcentos latest 9baab0af79c4 6 weeks ago 196.7 MB
下载registry镜像,registry为Docker官方提供的一个镜像,我们可以用它来创建本地的Docker私有仓库。
[root@localhost ~]# docker run -d -p 5000:5000 registry3dc5762733b8ae7d715bc3aef44a5bd1b5729c997c4316af1df3493992823519
在本地启动一个私有仓库服务,监听端口为5000
[root@localhost ~]# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES3dc5762733b8 registry "/entrypoint.sh /etc About a minute ago Up About a minute 0.0.0.0:5000->5000/tcp compassionate_engelbart
[root@localhost ~]# curl http://192.168.1.179:5000/v2/_catalog{ "repositories":[]} 可以访问它,这里的IP是宿主机Linux的IP地址。
管理私有仓库镜像
[root@localhost ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZEregistry latest 5c929a8b587a 9 hours ago 33.27 MBgenesis_centos latest 85bc3a58f134 4 days ago 277.6 MBcentos-6-x86 latest 8fca9486a39b 12 days ago 341.3 MBcentos_with_net latest 3e8ea8607f08 4 weeks ago 294.9 MBcentos latest 9baab0af79c4 6 weeks ago 196.7 MB
[root@localhost ~]# docker pull busybox
busybox较小,下载下来,做实验用
[root@localhost ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZEregistry latest 5c929a8b587a 9 hours ago 33.27 MBgenesis_centos latest 85bc3a58f134 4 days ago 277.6 MBbusybox latest 9967c5ad88de 11 days ago 1.093 MBcentos-6-x86 latest 8fca9486a39b 12 days ago 341.3 MBcentos_with_net latest 3e8ea8607f08 4 weeks ago 294.9 MBcentos latest 9baab0af79c4 6 weeks ago 196.7 MB
使用docker tag命令将这个镜像标记为192.168.1.179:5000/busybox(格式为docker tag IMAGE[:TAG] [REGISTRRYHOST/] [USERNAME/] NAME [:TAG])
[root@localhost ~]# docker tag busybox 192.168.1.179:5000/busybox[root@localhost ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZEregistry latest 5c929a8b587a 9 hours ago 33.27 MBgenesis_centos latest 85bc3a58f134 4 days ago 277.6 MB192.168.1.179:5000/busybox latest 9967c5ad88de 11 days ago 1.093 MBbusybox latest 9967c5ad88de 11 days ago 1.093 MBcentos-6-x86 latest 8fca9486a39b 12 days ago 341.3 MBcentos_with_net latest 3e8ea8607f08 4 weeks ago 294.9 MBcentos latest 9baab0af79c4 6 weeks ago 196.7 MB
使用docker push上传标记的镜像:(注:下面会报错)
[root@localhost ~]# docker push 192.168.1.179:5000/busyboxError response from daemon: invalid registry endpoint https://192.168.1.179:5000/v0/: unable to ping registry endpoint https://192.168.1.179:5000/v0/v2 ping attempt failed with error: Get https://192.168.1.179:5000/v2/: tls: oversized record received with length 20527 v1 ping attempt failed with error: Get https://192.168.1.179:5000/v1/_ping: tls: oversized record received with length 20527. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `--insecure-registry 192.168.1.179:5000` to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/192.168.1.179:5000/ca.crt
- 出现报错,这是因为Docker从1.3.X之后与docker registry交互默认使用的是https,然而此处搭建的私有仓库只提供http服务,所以当与私有仓库交互时就会报上面的错误。为了解决这个问题需要在启动docker server时增加启动参数为默认使用http访问。
解决方法:
[root@localhost ~]# vi /etc/init.d/docker
把 $exec -d $other_args 改为$exec -d --insecure-registry 172.7.15.106:5000 $other_args
重启Docker
[root@localhost ~]# /etc/init.d/docker restart停止 docker: [确定]Starting docker: [确定]
再次执行命令,还是会报错
[root@localhost ~]# docker push 192.168.1.179:5000/busyboxError response from daemon: invalid registry endpoint "http://192.168.1.179:5000/v0/". HTTPS attempt: unable to ping registry endpoint https://192.168.1.179:5000/v0/v2 ping attempt failed with error: Get https://192.168.1.179:5000/v2/: dial tcp 192.168.1.179:5000: connection refused v1 ping attempt failed with error: Get https://192.168.1.179:5000/v1/_ping: dial tcp 192.168.1.179:5000: connection refused. HTTP attempt: unable to ping registry endpoint http://192.168.1.179:5000/v0/v2 ping attempt failed with error: Get http://192.168.1.179:5000/v2/: dial tcp 192.168.1.179:5000: connection refused v1 ping attempt failed with error: Get http://192.168.1.179:5000/v1/_ping: dial tcp 192.168.1.179:5000: connection refused
[root@localhost ~]# docker ps -aCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES3dc5762733b8 registry "/entrypoint.sh /etc About an hour ago Exited (2) 30 minutes ago compassionate_engelbart359fda80c4ef centos-6-x86 "/bin/bash" 5 days ago Exited (130) 5 days ago sleepy_mestorfd1dec1f9d91e centos-6-x86 "/bin/bash" 5 days ago Exited (0) 5 days ago stoic_curie5ae70c73655f centos "/bin/bash" 5 days ago tender_galileo
- 这是因为还没有启动registry容器
[root@localhost ~]# docker run -d -p 5000:5000 registry4d6ddb76c357c029d42abaaef6fb0f00fbc97d22f1bc882d5214800d95006ee5[root@localhost ~]# docker push 192.168.1.179:5000/busybox
[root@localhost ~]# curl http://192.168.1.179:5000/v2/_catalog{ "repositories":["busybox"]} 可以查看私有仓库里面的所有镜像,在结果中看到{“repositories”:[“busybox”]}表明镜像已经成功上传了。
[root@localhost ~]# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES4d6ddb76c357 registry "/entrypoint.sh /etc 4 minutes ago Up 4 minutes 0.0.0.0:5000->5000/tcp kickass_yonath[root@localhost ~]# docker ps -aCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES4d6ddb76c357 registry "/entrypoint.sh /etc 4 minutes ago Up 4 minutes 0.0.0.0:5000->5000/tcp kickass_yonath3dc5762733b8 registry "/entrypoint.sh /etc About an hour ago Exited (2) 36 minutes ago compassionate_engelbart359fda80c4ef centos-6-x86 "/bin/bash" 5 days ago Exited (130) 5 days ago sleepy_mestorfd1dec1f9d91e centos-6-x86 "/bin/bash" 5 days ago Exited (0) 5 days ago stoic_curie5ae70c73655f centos "/bin/bash" 5 days ago tender_galileo
之前的registry容器也没用到,先删掉
[root@localhost ~]# docker rm 3dc5762733b83dc5762733b8