阿里云服务器:
127.0.0.1(客户端)
127.0.0.2(私有服务器)
127.0.0.2作为私有仓库使用
1.下载镜像
[root@insure ~]# docker pull registry
Using default tag: latest
latest: Pulling from library/registry
456f9d0bf1d1: Pull complete
b7f3f37a05d2: Pull complete
d1b2fc1a6bc7: Pull complete
400c20544fd6: Pull complete
48473a72399c: Pull complete
Digest: sha256:2a5b47a613fd7e9d28120fa77016554c3dffa8913b6a314ede518447ddc68e2f
Status: Downloaded newer image for registry:latest
2.通过镜像启动一个容器
[root@insure ~]# docker run -d -p : -v /opt/data/registry:/tmp/registry registry
223608fc9814b1c7f22b47248d6006f50f322f35c4f8e92c7a9429a9f6104767
[root@insure ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
223608fc9814 registry "/entrypoint.sh /etc…" seconds ago Up seconds 0.0.0.0:->/tcp eager_euler
命令解析:docker run -d -p 5000:5000 -v /opt/data/registry:/tmp/registry registry
使用官方提供的registry镜像来搭建一套本地的私有仓库环境
通过-v参数将镜像文件存放到本地的指定路径上/opt/data/registry
本地仓库本身就是容器,命令的含义就是下载并创建一个registry容器,创建本地的私有仓库,仓库得路径是/tmp/registry
进入容器内部的命令
[root@insure ~]# docker exec -it 223608fc9814 sh
/ # ls
bin entrypoint.sh home linuxrc mnt root sbin sys usr
dev etc lib media proc run srv tmp var
127.0.0.1客户端使用
1.下载一个hello-world镜像
[root@insure ~]# docker pull hello-world
Using default tag: latest
latest: Pulling from library/hello-world
d1725b59e92d: Pull complete
Digest: sha256:0add3ace90ecb4adbf7777e9aacf18357296e799f81cabc9fde470971e499788
Status: Downloaded newer image for hello-world:latest
2.给hello-world镜像打个tag,表示新的版本
[root@insure ~]# docker tag hello-world:latest 127.0.0.2:/hello-world:latest
3.将新的hello-world镜像上传到私有仓库
[root@insure ~]# docker push 127.0.0.2:/hello-world:latest
The push refers to repository [127.0.0.2:/hello-world]
Get https://127.0.0.2:5000/v2/: http: server gave HTTP response to HTTPS client
原因是docker私有仓库服务器,默认是基于https传输的,所以我们需要在客户端192.168.1.160做相关设置,不使用https传输
[root@insure ~]# vi /etc/docker/daemon.json
添加如下内容
{
"registry-mirror": [
"https://registry.docker-cn.com"
],
"insecure-registries": [
"127.0.0.2:5000"
]
}[root@insure /]# vi /lib/systemd/system/docker.service 修改有问题不用管这个
添加如下内容ExecStart=/usr/bin/dockerd --insecure-registry 116.62.163.101:5000
依次执行下面两条命令,重新启动docker
[root@insure ~]# systemctl daemon-reload
[root@insure ~]# systemctl restart docker
再次执行上传到私有仓库的命令,并测试
[root@insure ~]# docker push 127.0.0.2:/hello-world:latest
The push refers to repository [127.0.0.2:/hello-world]
428c97da766c: Pushed
latest: digest: sha256:1a6fd470b9ce10849be79e99529a88371dff60c60aab424c077007f6979b4812 size:
[root@insure ~]# curl http://127.0.0.2:5000/v2/_catalog
{"repositories":["hello-world"]}
删除镜像进行重新下载
[root@insure /]# docker pull 127.0.0.2:/hello-world
Using default tag: latest
latest: Pulling from hello-world
d1725b59e92d: Pull complete
Digest: sha256:1a6fd470b9ce10849be79e99529a88371dff60c60aab424c077007f6979b4812
Status: Downloaded newer image for 127.0.0.2:/hello-world:latest
[root@insure /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
dashboard latest 60ff0c365e46 days ago 662MB
jdk-8u141 c717428b1276 days ago 578MB
tomcat latest ef802ca71927 days ago 475MB
centos latest 1e1148e4cc2c weeks ago 202MB
openjdk latest 8e7eacedab93 weeks ago 986MB
127.0.0.2:/hello-world latest 4ab4c602aa5e months ago .84kB
127.0.0.2私有仓库上面查看上传的镜像
挂载和临时目录都没有找到,查询
[root@insure lib]# find / -name "hello-world"
/var/lib/docker/volumes/6fcff317934d3c3f4bbaf1c3c4b6dc240b42b69242d8159e75e283ff2d217e16/_data/docker/registry/v2/repositories/hello-world
/var/lib/docker/volumes/efed8eab2f8e536123f218486a9462d41e70bc0c6bb4c019d1b73cf646c878de/_data/docker/registry/v2/repositories/hello-world
[root@insure lib]# cd /var/lib/docker/volumes/efed8eab2f8e536123f218486a9462d41e70bc0c6bb4c019d1b73cf646c878de/_data/docker/registry/v2/repositories
[root@insure repositories]# ls
hello-world
[root@insure repositories]# ls
dashboard hello-world
成功完成私有仓库的创建、客户端镜像的上传和下载。
说明:客户端和私有仓库在不同机器的同一个局域网之内,所用IP都是实际IP,非映射之后的IP。
官方地址 https://yeasy.gitbooks.io/docker_practice/repository/registry.html#%E5%AE%89%E8%A3%85%E8%BF%90%E8%A1%8C-docker-registry