Docker 学习笔记 - 创建私有仓库

Docker 学习笔记 - 创建私有仓库

当我们只需 docker pull等操作的时候，默认都是从公共的仓库 docker hub上面进行下载。我们也可以设置自己的私有仓库 registry。下面简单的介绍一下两种常见的访问方式。 更多的详细解释参见 方式

Registry的配置很简单 他本身就是一个服务，因此我们可以直接从容器启动 ， 比如指定了一个名字registry，开放端口5000，挂载了一个宿主机的目录作为存放镜像的目录

docker run -d -p 5000:5000 --restart=always --name registry -v /opt/myregistry:/var/lib/registry registry

上传镜像就两步操作，第一打个标签，第二上传

docker tag busybox:1.29 172.16.1.150/busybox:1.29 docker push 172.16.1.150/busybox:1.29

默认情况下会报错，这是因为他默认会使用push refers to repository [172.16.1.150/busybox] Get dial tcp 172.16.1.150:443: connect: connection refused

解决方法是把我们的私有仓库的地址加入白名单

创建一个 /etc/docker/damemon.json 的文件，如下所示

{ "insecure-registries": ["172.16.1.150:5000"] }

然后重启 docker 服务，再次上传就可以了

systemctl restart docker docker push 172.16.1.150/busybox:1.29

下载的方式也类似，首先删单当前的相关镜像，然后下载一个

docker rmi busybox:1.29 docker rmi busybox:latest docker pull 172.16.1.150:5000/busybox:1.29

删除镜像

这个需要进入registry容器，删除对应的metadata的目录，然后执行一个垃圾回收的操作，彻底的清空

[root@ip-172-16-1-150 bash_completion.d]# docker exec -it registry sh / # rm -fr /var/lib/registry/docker/registry/v2/repositories/busybox/ / # registry garbage-collect /etc/docker/registry/config.yml ghost ghost: marking manifest sha256:71422ddf0230e11db21c0c38298a7a57ec9c2bf2ea2f9044303ca25b5f7205a9 ghost: marking blob sha256:40128288ca81dcda5779742757851149b0d7aee322f854b1a65a030d7a49e836 ghost: marking blob sha256:cbdbe7a5bc2a134ca8ec91be58565ec07d037386d1f1d8385412d224deafca08 ghost: marking blob sha256:57d481011659a13bdb095379d64b4b858612ae1b923da2247c8fc97d52920c72 ghost: marking blob sha256:d6fabc993f172c5fea591f7820f283ca6e238289b3414930dbc808a392f80e9f ghost: marking blob sha256:834ca887ea10ccf5c773b01efa3b1331ba97b7b9fa6fc0c00f8577e96491ab05 ghost: marking blob sha256:ad02ebe5fd045290b160178a369c06b5dcac3794f366b205e5322eb55104ec48 ghost: marking blob sha256:4ac08c3f0139584f5793c0781db31b35c5d858ec8bb3a1dfc10049ac143bf2ed ghost: marking blob sha256:e9fc087e6a7813bb7d52f69744d4345fb4f8ad65c14136cacc67425cb987a7e0 ghost: marking blob sha256:846777c8cbce526597e1ae3c9c3efb82431d2b2bbd9bbe50fa687c396e0d598e ghost: marking blob sha256:54ad64533e5521e02c68f5678ce64c996b9d824dd3a049424d43bf62a35f8599 11 blobs marked, 3 blobs and 0 manifests eligible for deletion blob eligible for deletion: sha256:e004c2cc521c95383aebb1fb5893719aa7a8eae2e7a71f316a4410784edb00a9 INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/e0/e004c2cc521c95383aebb1fb5893719aa7a8eae2e7a71f316a4410784edb00a9 go.version=go1.11.2 instance.id=d1623c34-896c-4e22-9982-f1d0708b6f46 service=registry blob eligible for deletion: sha256:758ec7f3a1ee85f8f08399b55641bfb13e8c1109287ddc5e22b68c3d653152ee INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/75/758ec7f3a1ee85f8f08399b55641bfb13e8c1109287ddc5e22b68c3d653152ee go.version=go1.11.2 instance.id=d1623c34-896c-4e22-9982-f1d0708b6f46 service=registry blob eligible for deletion: sha256:b4a6e23922ddc3d105fee9afff80151a13fe058143351a8e9294286575f2f37e INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/b4/b4a6e23922ddc3d105fee9afff80151a13fe058143351a8e9294286575f2f37e go.versio ```n=go1.11.2 instance.id=d1623c34-896c-4e22-9982-f1d0708b6f46 service=registry / # exit 通过浏览器查看 显示镜像  显示镜像的tag等信息  # Basic Auth的访问方式 这种方式会弹出用户名和密码要求验证，因此我们每次上传下载之前需要登录

[root@ip-172-16-1-150 bash_completion.d]# mkdir /opt/registry-var/auth/ -p[root@ip-172-16-1-150 bash_completion.d]# htpasswd -Bbn beanxyz 12345 >> /opt/registry-var/auth/htpasswd[root@ip-172-16-1-150 bash_completion.d]# docker rm -f docker ps -a -q84ed4066209365e5c21d305fcd1381f25ed2[root@ip-172-16-1-150 bash_completion.d]# htpasswd -Bbn beanxyz 12345 >> /opt/registry-var/auth/htpasswd^C[root@ip-172-16-1-150 bash_completion.d]# docker run -d -p 5000:5000 -v /opt/registry-var/auth/:/auth/ -v /opt/myregistry:/var/lib/registry -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd registry8e938a0fd7cae83a6563ba75060eb5ee2b41d444569817388ee04516a87802c9[root@ip-172-16-1-150 bash_completion.d]# docker ps -aCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES8e938a0fd7ca registry "/entrypoint.sh /etc…" 5 seconds ago Up 5 seconds 0.0.0.0:5000->5000/tcp fervent_driscoll[root@ip-172-16-1-150 bash_completion.d]# docker login 172.16.1.150:5000Username: beanxyzPassword:WARNING! Your password will be stored unencrypted in /root/.docker/config.json.Configure a credential helper to remove this warning. SeeSucceeded[root@ip-172-16-1-150 bash_completion.d]# docker

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。