一、Docker简介
- 参考:【Docker】Dokcer学习① - 简介
二、Docker安装及基础命令介绍
- 参考:【Docker】Docker学习② - Docker安装及基础命令介绍
三、Docker镜像管理
- 参考:【Docker】Docker学习③ - Docker镜像管理
四、Docker镜像与制作
- 参考:【Docker】Docker学习④ - Docker镜像与制作
五、Docker数据管理
- 参考:【Docker】Docker学习⑤ - Docker数据管理
六、网络部分
- 参考:【Docker】Docker学习⑥ - 网络部分
七、Docker仓库之单机Dokcer Registry
Docker Registry作为Docker的核心组件之一负责镜像内容的存储与分发,客户端的docker pull以及push命令都将直接与registry 进行交互,最初版本的registry由Python实现,由于设计初期在安全性,性能以及API的设计上有着诸多的缺陷。该版本在0.9之后停止了开发,由新的项目distribution(新的docker register被称为Distrition)来重新设计并开发下一代Registry,新的项目由go语言开发,所有的API,底层存储方式,系统架构都进行了全面的重新设计,已解决上一代registry中存在的问题,2016年4月份registry2.0正式发布,docker1.6版本开始知识registry2.0,而8月份随着docker1.8发布,docker hub正式启用2.1版本registry全面替代之前的版本,新版registry对镜像存储格式进行了重新设计并和旧版不兼容,docker1.5和之前的版本无法读取2.0的镜像,另外Registry2.4版本之后支持了回收站机制,也就是可以删除镜像了,在2.4版本之前是无法支持删除镜像的,所以如果你要使用最好是大于Registry2.4版本的。
本部分将介绍通过官方提供的docker registry 镜像来简单搭建一套本地私有仓库环境。
1 下载docker registry镜像
docker pull registry
2 搭建单机仓库
2.1 创建授权使用目录
mkdir -p /docker/auth
2.2 创建用户
cd /docker
#报错
docker run --entrypoint htpasswd registry -Bbn jack 123456 > auth/htpasswd
#修改
htpasswd -Bbn test 123456 > auth/htpasswd
日志:
[root@gbase8c_1 ~]# docker pull registry
Using default tag: latest
latest: Pulling from library/registry
79e9f2f55bf5: Pull complete
0d96da54f60b: Pull complete
5b27040df4a2: Pull complete
e2ead8259a04: Pull complete
3790aef225b9: Pull complete
Digest: sha256:169211e20e2f2d5d115674681eb79d21a217b296b43374b8e39f97fcf866b375
Status: Downloaded newer image for registry:latest
docker.io/library/registry:latest
[root@gbase8c_1 ~]# mkdir -p /docker/auth
[root@gbase8c_1 ~]# cd /docker
[root@gbase8c_1 docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
registry latest b8604a3fe854 2 years ago 26.2MB
[root@gbase8c_1 docker]# docker run --entrypoint htpasswd registry -Bbn jack 123456 > auth/htpasswd
docker: Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "htpasswd": executable file not found in $PATH: unknown.
ERRO[0000] error waiting for container:
2.3 验证用户密码
cat auth/htpasswd
[root@gbase8c_1 docker]# cat auth/htpasswd
test:$2y$05$BCm9sruCprQymAV5vk5XKOybtlVb4vrftWXqbe5fbpjlq2suQPYwO
2.4 启动docker registry
docker run -d -p5000:5000 --restart=always --name registry1 -v /docker/auth:/auth -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" registry
2.5 验证端口和容器
日志:
[root@gbase8c_1 docker]# docker run -d -p5000:5000 --restart=always --name registry1 -v /docker/auth:/auth -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" registry
ec968bda55f7068065688569d83ea6f4c53d413af39e6dbe4c06a1f4dd58178f
[root@gbase8c_1 docker]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ec968bda55f7 registry "/entrypoint.sh /etc…" 4 seconds ago Up 4 seconds 0.0.0.0:5000->5000/tcp, :::5000->5000/tcp registry1
[root@gbase8c_1 docker]# ss -ntl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:5000 *:*
2.6 测试登录仓库
报错:
[root@gbase8c_1 docker]# docker login 192.168.56.200:5000
Username: test
Password:
Error response from daemon: Get "https://192.168.56.200:5000/v2/": http: server gave HTTP response to HTTPS client
- 解决方式1(无效):
编辑各docker 服务器/etc/sysconfig/docker 配置文件如下
#Server1:
vim /etc/sysconfig/docker
OPTIONS='--selinux-enabled --log-driver==journald'
ADD_REGISTRY='--add-registry 192.168.56.200:5000'
INSECURE_REGISTRY='--insecure-registry 192.168.56.200:5000'
#重启docker
systemctl restart docker
#Server2:
vim /etc/sysconfig/docker
OPTIONS='--selinux-enabled --log-driver==journald'
if [ -z "${DOCKER_CERT_PATH}" ];then
DOCKER_CERT_PATH=/etc/docker
fi
ADD_REGISTRY='--add-registry 192.168.56.200:5000'
INSECURE_REGISTRY='--insecure-registry 192.168.56.200:5000'
#重启docker
systemctl restart docker
- 解决方式2:
[root@gbase8c_private docker]# cat /etc/docker/daemon.json
{
"insecure-registries":["192.168.56.199","192.168.56.200:5000"], #←新增
"registry-mirrors":["https://pkjijpqo.mirror.aliyuncs.com"]
}
#登录成功
[root@gbase8c_private docker]# docker login 192.168.56.200:5000
Username (test): test
Password:
Login Succeeded
2.7 在Server1登陆后上传镜像
- 2.7.1 镜像打tag
docker tag jack/nginx-1.22.1:v1 192.168.56.200:5000/jack/nginx-1.22.1:v1
- 2.7.2 上传镜像
docker push 192.168.56.200:5000/jack/nginx-1.22.1:v1
日志:文章来源:https://www.toymoban.com/news/detail-821028.html
[root@gbase8c_1 docker]# docker tag jack/nginx-1.22.1:v1 192.168.56.200:5000/jack/nginx-1.22.1:v1
[root@gbase8c_1 docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
jack/nginx-1.22.1 v1 5ec2d0d6aa22 2 weeks ago 638MB
192.168.56.200:5000/jack/nginx-1.22.1 v1 5ec2d0d6aa22 2 weeks ago 638MB
[root@gbase8c_1 docker]# docker push 192.168.56.200:5000/jack/nginx-1.22.1:v1
The push refers to repository [192.168.56.200:5000/jack/nginx-1.22.1]
a7a030277385: Pushed
033b7c388a51: Pushed
62900648f903: Pushed
7bb7d3a7a010: Pushed
9e9129ee0c59: Pushed
382519f0e19e: Pushed
a4437975d033: Pushed
badae34ffc22: Pushed
26a72414b92b: Pushed
661b4c00d916: Pushed
74ddd0ec08fa: Pushed
v1: digest: sha256:145e675dbf1533dd5cf834a4131128fd0b8d0f3f7a959919fba782f2261a1164 size: 2621
2.8 Server2下载镜像并启动
- 2.8.1 登录并从docker registry 下载镜像
docker images
docker login 192.168.56.200:5000
docker pull 192.168.56.200:5000/jack/nginx-1.22.1:v1
- 2.8.2 验证下载成功
docker images
- 2.8.3 从下载的镜像启动容器
docker run -d --name docker-registry -p80:80 192.168.56.200:5000/jack/nginx-1.22.1:v1 nginx
- 2.8.4 验证登录
日志:
[root@gbase8c_private docker]# docker login 192.168.56.200:5000
Username (test): test
Password:
Login Succeeded
[root@gbase8c_private docker]# docker pull 192.168.56.200:5000/jack/nginx-1.22.1:v1
v1: Pulling from jack/nginx-1.22.1
Digest: sha256:145e675dbf1533dd5cf834a4131128fd0b8d0f3f7a959919fba782f2261a1164
Status: Downloaded newer image for 192.168.56.200:5000/jack/nginx-1.22.1:v1
[root@gbase8c_private docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.56.200:5000/jack/nginx-1.22.1 v1 5ec2d0d6aa22 2 weeks ago 638MB
[root@gbase8c_private docker]# docker run -d --name docker-registry -p80:80 192.168.56.200:5000/jack/nginx-1.22.1:v1 nginx
2cf5864c064519853ead197bc1bba643eeb7dd21bac28be93bd9f7a7f876e409
[root@gbase8c_private docker]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2cf5864c0645 192.168.56.200:5000/jack/nginx-1.22.1:v1 "nginx" 8 seconds ago Up 7 seconds 0.0.0.0:80->80/tcp, 443/tcp docker-registry
八、Docker仓库之分布式Harbor
- 参考:【Docker】Docker学习⑧ - Docker仓库之分布式Harbor
九、单机编排之Docker Compose
-
参考:【Docker】Docker学习⑨ - 单机编排之Docker Compose文章来源地址https://www.toymoban.com/news/detail-821028.html
到了这里,关于【Docker】Docker学习⑦ - Docker仓库之单机Dokcer Registry的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!