系统版本:CentOS Linux release 7.2.1511 (Core)
目的:基于docker创建一个registry容器,做为docker仓库给其它机器拉取镜像用
安装iptables 如果有iptables,就略过
[root@localhost ~]# yum install -y iptables iptables-utils iptables-services [root@localhost ~]# systemctl start iptables [root@localhost ~]# systemctl enable iptables
# 安装docker
[root@localhost ~]# yum install -y docker
# 启动
[root@localhost ~]# systemctl start docker
# 开机启动docker服务
[root@localhost ~]# systemctl enable docker
# 查询docker 私库镜像环境名称 找官方的
[root@localhost ~]# docker search registry INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED docker.io docker.io/registry The Docker Registry 2.0 implementation for... 1426 [OK]
# 拉取私库镜像
[root@localhost ~]# docker pull docker.io/registry
# 查看本地镜像
[root@localhost ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/registry latest 136c8b16df20 6 days ago 33.17 MB
# 根据本地registry镜像启动一个容器,指定容器名,主机名,挂载卷
[root@localhost ~]# docker run -d --name=docker-repo -h docker-repo -p 5000:5000 -v /home/docker_repo:/var/lib/registry 136c8b16df20
registry私库默认监听在5000端口上
# 为了测试方便,从官方拉取一个 busybox 镜像(体积小)
[root@localhost ~]# docker pull busybox Using default tag: latest Trying to pull repository docker.io/library/busybox ... latest: Pulling from docker.io/library/busybox 7520415ce762: Pull complete Digest: sha256:32f093055929dbc23dec4d03e09dfe971f5973a9ca5cf059cbfb644c206aa83f
# 查看busybox镜像
[root@localhost ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/registry latest 136c8b16df20 7 days ago 33.17 MB docker.io/busybox latest 00f017a8c2a6 5 weeks ago 1.11 MB
# 通过docker tag将 docker.io/busybox 镜像打一个标签,该镜像标志为要推送到私有仓库
[root@localhost ~]# docker tag docker.io/busybox 192.168.1.50:5000/busybox
# 注意命名 仓库地址+镜像名
[root@VM_33_244_centos ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/registry latest 136c8b16df20 7 days ago 33.17 MB 192.168.1.50:5000/busybox latest 00f017a8c2a6 5 weeks ago 1.11 MB docker.io/busybox latest 00f017a8c2a6 5 weeks ago 1.11 MB
#然后把 docker.io/busybox push到私有仓库中
[root@localhost ~]# docker push 192.168.1.50:5000/busybox The push refers to a repository [192.168.1.50:5000/busybox] c0de73ac9968: Mounted from busybox_small latest: digest: sha256:68effe31a4ae8312e47f54bec52d1fc925908009ce7e6f734e1b54a4169081c5 size: 527
浏览器访问:
http://192.168.1.50:5000/v2/_catalog
# 删除本地busybox镜像
[root@localhost ~]# docker rmi -f 00f017a8c2a6
# 从私有仓库拉取
[root@localhost ~]# docker pull 192.168.1.50:5000/busybox Using default tag: latest Trying to pull repository 192.168.1.50:5000/busybox ... latest: Pulling from 192.168.1.50:5000/busybox 04176c8b224a: Pull complete Digest: sha256:68effe31a4ae8312e47f54bec52d1fc925908009ce7e6f734e1b54a4169081c5 [root@localhost ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/registry latest 136c8b16df20 7 days ago 33.17 MB 192.168.1.50:5000/busybox latest 00f017a8c2a6 5 weeks ago 1.11 MB
# 注意事项
需要添加私有仓库信任 否则会报一个 http: server gave HTTP response to HTTPS client 错误
把 /etc/sysconfig/docker
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false' 改为: OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --insecure-registry=192.168.1.50:5000'
重启docker生效
registry 私库默认用/bin/sh登陆
镜像默认保存在 /var/lib/registry/docker/registry/v2/repositories 中
直接删除 上面目录下的文件夹,就可以删除镜像。
docker的端口映射是通过iptables实现,如果重启iptables,容器端口映射失效,需要重启docker服务。
原创文章,转载请注明。本文链接地址: https://www.rootop.org/pages/3720.html