1.6 Docker 仓库管理
2018-05-14
1.6 Docker 仓库管理
下载 registry 镜像,registy 为 docker 官方提供的一个镜像,我们可以用它来创建本地的 docker 私有仓库。
root@ubuntu:~# docker pull registry
root@ubuntu:~# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
ubuntu-16.04-x86_64 latest be6ed5c5eae2 18 hours ago 500.1 MB
ubuntu_with_net_and_wget latest 45d4c91e72ce 19 hours ago 176.7 MB
registry latest 07d93e41c370 5 months ago 422.9 MB
以 registry 镜像启动容器,监听 5000 端口
root@ubuntu:~# docker run -d -p 5000:5000 registry
0a5de5704b7643fcb5fdd36d4cc4f846f7ecd45b50998dcd6a708c500a6e63ee
root@ubuntu:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0a5de5704b76 registry:latest "docker-registry" 6 seconds ago Up 6 seconds 0.0.0.0:5000->5000/tcp dreamy_hodgkin
root@ubuntu:~# docker exec -it 0a5 bash
root@0a5de5704b76:/# netstat -lnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:5000 0.0.0.0:* LISTEN 1/python
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node PID/Program name Path
root@0a5de5704b76:/# exit
exit
root@ubuntu:~# telnet 127.0.0.1 5000
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
Connection closed by foreign host.
root@ubuntu:~# curl 127.0.0.1:5000
"\"docker-registry server\""root@ubuntu:~#
上传镜像到私有仓库
标记将要上传的镜像
# docker tag ubunt
root@ubuntu:~# docker tag busybox 47.88.78.8:5000/busybox
上传镜像
root@ubuntu:~# docker push 47.88.78.8:5000/busybox
FATA[0004] Error response from daemon: v1 ping attempt failed with error: Get https://47.88.78.8:5000/v1/_ping: EOF. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `--insecure-registry 47.88.78.8:5000` to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/47.88.78.8:5000/ca.crt
此时出现如上错误,这是因为 Docker 从 1.3.X 以后,与 docker registry 交互默认使用的是 https,然而此处搭建的私有仓库只提供 http 服务,所以当与私有仓库交互时就会报上面的错误。为了解决这个问题需要在启动 docker server 时增加启动参数为默认使用 http 访问。
root@ubuntu:~# vim /etc/default/docker
增加如下一行:
DOCKER_OPTS="$DOCKER_OPTS --insecure-registry=47.88.78.8:5000"
重启 docker
root@ubuntu:~# service docker restart
root@ubuntu:~# ps aux|grep docker
root 22324 0.0 1.2 465444 12572 ? Ssl 11:18 0:00 /usr/bin/docker -d --insecure-registry=47.88.78.8:5000
root 22432 0.0 0.9 225008 10156 ? Sl 11:22 0:00 docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 5000 -container-ip 192.168.42.2 -container-port 5000
启动 registry 容器
root@ubuntu:~# docker start 0a5de5704b76
上传
root@ubuntu:~# docker push 47.88.78.8:5000/busybox
The push refers to a repository [47.88.78.8:5000/busybox] (len: 1)
Sending image list
Pushing repository 47.88.78.8:5000/busybox (1 tags)
4185ddbe03f8: Image successfully pushed
b05baf071fd5: Image successfully pushed
Pushing tag for rev [b05baf071fd5] on {http://47.88.78.8:5000/v1/repositories/busybox/tags/latest}
查看私有仓库里的所有镜像
root@ubuntu:~# curl http://47.88.78.8:5000/v1/search
{"num_results": 1, "query": "", "results": [{"description": "", "name": "library/busybox"}]}