在Linux系統上部署docker私有倉庫

修改配置http訪問

[root@test01 ~]# cat /etc/docker/daemon.json
{"registry-mirrors": ["https://registry.docker-cn.com"],"insecure-registries":["192.168.1.30:5000"]}

若是不這樣配置，結果以下。這個問題多是因爲客戶端採用https，docker registry未採用https服務所致。一種處理方式是把客戶對地址「192.168.1.30:5000」請求改成http

[root@test01 ~]# docker push 192.168.1.30:5000/centos
The push refers to a repository [192.168.1.30:5000/centos]
Get https://192.168.1.30:5000/v1/_ping: http: server gave HTTP response to HTTPS client

使用容器運行docker-registry

[root@test01 ~]# docker run -d -p 5000:5000 --privileged=true -v /opt/data/registry:/tmp/registry --name='docker-registry' registry

參數說明：

-v /opt/data/registry:/tmp/registry :默認狀況下，會將倉庫存放於容器內的/tmp/registry目錄下，指定本地目錄掛載到容器
–privileged=true ：CentOS7中的安全模塊selinux把權限禁掉了，參數給容器加特權，不加上傳鏡像會報權限錯誤(OSError: [Errno 13] Permission denied: ‘/tmp/registry/repositories/liibrary’)或者（Received unexpected HTTP status: 500 Internal Server Error）錯誤

上傳鏡像

[root@test01 ~]# docker images
REPOSITORY                 TAG                 IMAGE ID            CREATED             SIZE
docker.io/wordpress        latest              346b1443b020        30 hours ago        407 MB
[root@test01 ~]# docker push 192.168.1.30:5000/wordpress
The push refers to a repository [192.168.1.30:5000/wordpress]
An image does not exist locally with the tag: 192.168.1.30:5000/wordpress
[root@test01 ~]#

根據提示，咱們知道須要修改一下tag才能上傳

[root@test01 ~]# docker tag docker.io/wordpress 192.168.1.30:5000/wordpress
[root@test01 ~]# docker images
REPOSITORY                    TAG                 IMAGE ID            CREATED             SIZE
192.168.1.30:5000/wordpress   latest              346b1443b020        30 hours ago        407 MB
docker.io/wordpress           latest              346b1443b020        30 hours ago        407 MB
[root@test01 ~]# docker push 192.168.1.30:5000/wordpress
The push refers to a repository [192.168.1.30:5000/wordpress]
3d7c1bb6ce9f: Pushed

從私有倉庫中下載

[root@test01 ~]# docker pull 192.168.1.30:5000/wordpress

客戶端永久配置使用私有倉庫

加入ADD_REGISTRY='--add-registry 192.168.1.30:5000'

[root@test01 ~]# cat /etc/sysconfig/docker
# /etc/sysconfig/docker

# Modify these options if you want to change the way the docker daemon runs
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false -H unix:///var/run/docker.sock -H 0.0.0.0:2376'
ADD_REGISTRY='--add-registry 192.168.1.30:5000'
if [ -z "${DOCKER_CERT_PATH}" ]; then
    DOCKER_CERT_PATH=/etc/docker
fi