當咱們執行docker pull xxx的時候,docker默認是從registry.docker.com這個地址上去查找咱們所須要的鏡像文件,而後執行下載操做。這類的鏡像倉庫就是docker默認的公共倉庫,全部人均可以直接查看或下載、使用,可是呢,基於網絡緣由,下載速度有限制比較慢。所以,咱們在公司內部內網環境中使用dokcer,通常不會將鏡像文件上傳到公網公共庫中。但內部共享使用就是個問題,因此,私有倉庫就由此產生了。nginx
私有倉庫,就是本地(內網環境)組建的一個與公網公共庫功能類似的鏡像倉庫。組建好以後,咱們就能夠將打包好的鏡像提交到私有倉庫中,這樣內網其它用戶也可使用這個鏡像文件。
本文使用官方提供的registry鏡像來組建企業內網的私有鏡像倉庫docker
兩臺安裝好docker環境的主機數據庫
服務端:192.168.3.82 私有倉庫服務器在,運行registry容器json
客戶端:192.168.3.83 測試客戶端,用於上傳、下載鏡像文件vim
[root@master ~]# docker pull registry
Using default tag: latest
Trying to pull repository docker.io/library/registry ...
latest: Pulling from docker.io/library/registry
81033e7c1d6a: Pull complete
b235084c2315: Pull complete
c692f3a6894b: Pull complete
ba2177f3a70e: Pull complete
a8d793620947: Pull complete
Digest: sha256:672d519d7fd7bbc7a448d17956ebeefe225d5eb27509d8dc5ce67ecb4a0bce54
Status: Downloaded newer image for docker.io/registry:latest
[root@master ~]# docker images |grep registry
docker.io/registry latest d1fd7d86a825 5 months ago 33.3 MB
複製代碼
[root@master ~]# mkdir /docker/registry -p
[root@master ~]# docker run -itd -v /docker/registry/:/docker/registry -p 5000:5000 --restart=always --name registry registry:latest
26d0b91a267f684f9da68f01d869b31dbc037ee6e7bf255d8fb435a22b857a0e
[root@master ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
26d0b91a267f registry:latest "/entrypoint.sh /e..." 4 seconds ago Up 3 seconds 0.0.0.0:5000->5000/tcp registry
參數說明
1)-itd:在容器中打開一個僞終端進行交互操做,並在後臺運行;
2)-v:把宿主機的/docker/registry目錄綁定到容器/docker/registry目錄(這個目錄是registry容器中存放鏡像文件的目錄),來實現數據的持久化;
3)-p:映射端口;訪問宿主機的5000端口就訪問到registry容器的服務了;
4)--restart=always:這是重啓的策略,假如這個容器異常退出會自動重啓容器;
5)--name registry:建立容器命名爲registry,可自定義任何名稱;
6)registry:latest:這個是剛纔pull下來的鏡像;
複製代碼
[root@master ~]# curl http://localhost:5000/v2/_catalog
{"repositories":[]}
一樣也可使用瀏覽器訪問http://server-ip:5000/v2/_catalog, 結果相同,都是空的沒有任何文件。
複製代碼
[root@slave1 ~]# vim /etc/docker/daemon.json
{
"registry-mirrors":["https://registry.docker-cn.com"]
}
[root@slave1 ~]# systemctl restart docker
複製代碼
[root@slave1 ~]# docker pull nginx
Using default tag: latest
Trying to pull repository docker.io/library/nginx ...
latest: Pulling from docker.io/library/nginx
683abbb4ea60: Pull complete
6ff57cbc007a: Pull complete
162f7aebbf40: Pull complete
Digest: sha256:636dd2749d9a363e5b57557672a9ebc7c6d041c88d9aef184308d7434296feea
Status: Downloaded newer image for docker.io/nginx:latest
複製代碼
[root@slave1 ~]# docker tag nginx:latest 192.168.3.82:5000/nginx:v1
[root@slave1 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.3.82:5000/nginx v1 649dcb69b782 8 hours ago 109 MB
docker.io/nginx latest 649dcb69b782 8 hours ago 109 MB
複製代碼
[root@slave1 ~]# docker push 192.168.3.82:5000/nginx:v1
The push refers to a repository [192.168.3.82:5000/nginx]
Get https://192.168.3.82:5000/v1/_ping: http: server gave HTTP response to HTTPS client
#注意這裏出現報錯提示,從提示信息能夠看出須要使用https的方式才能上傳,解決方案以下:
[root@slave1 ~]# vim /etc/docker/daemon.json
{
"registry-mirrors":["https://registry.docker-cn.com"],
"insecure-registries":["192.168.3.82:5000"]
}
#添加私有鏡像服務器的地址,注意書寫格式爲json,有嚴格的書寫要求,須要重啓docker服務生效配置
[root@slave1 ~]# systemctl restart docker
[root@slave1 ~]# docker push 192.168.3.82:5000/nginx:v1
The push refers to a repository [192.168.3.82:5000/nginx]
6ee5b085558c: Pushed
78f25536dafc: Pushed
9c46f426bcb7: Pushed
v1: digest: sha256:edad5e71815c79108ddbd1d42123ee13ba2d8050ad27cfa72c531986d03ee4e7 size: 948
複製代碼
[root@master ~]# curl http://localhost:5000/v2/_catalog
{"repositories":["nginx"]}
[root@master ~]# curl http://localhost:5000/v2/nginx/tags/list
{"name":"nginx","tags":["v1"]}
#查看有哪些版本
複製代碼
#首先刪除客戶端主機以前從公共庫下載下來的鏡像文件
[root@slave1 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.3.82:5000/nginx v1 649dcb69b782 10 hours ago 109 MB
docker.io/nginx latest 649dcb69b782 10 hours ago 109 MB
[root@slave1 ~]# docker image rmi -f 649dcb69b782
Untagged: 192.168.3.82:5000/nginx:v1
Untagged: 192.168.3.82:5000/nginx@sha256:edad5e71815c79108ddbd1d42123ee13ba2d8050ad27cfa72c531986d03ee4e7
Untagged: docker.io/nginx:latest
Untagged: docker.io/nginx@sha256:636dd2749d9a363e5b57557672a9ebc7c6d041c88d9aef184308d7434296feea
Deleted: sha256:649dcb69b782d4e281c92ed2918a21fa63322a6605017e295ea75907c84f4d1e
Deleted: sha256:bf7cb208a5a1da265666ad5ab3cf10f0bec1f4bcb0ba8d957e2e485e3ac2b463
Deleted: sha256:55d02c20aa07136ab07ab47f4b20b97be7a0f34e01a88b3e046a728863b5621c
Deleted: sha256:9c46f426bcb704beffafc951290ee7fe05efddbc7406500e7d0a3785538b8735
[root@slave1 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
#此時客戶端全部的鏡像文件所有刪除
[root@slave1 ~]# docker pull 192.168.3.82:5000/nginx:v1
Trying to pull repository 192.168.3.82:5000/nginx ...
v1: Pulling from 192.168.3.82:5000/nginx
683abbb4ea60: Pull complete
6ff57cbc007a: Pull complete
162f7aebbf40: Pull complete
Digest: sha256:edad5e71815c79108ddbd1d42123ee13ba2d8050ad27cfa72c531986d03ee4e7
Status: Downloaded newer image for 192.168.3.82:5000/nginx:v1
[root@slave1 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.3.82:5000/nginx v1 649dcb69b782 11 hours ago 109 MB
#能夠看出,客戶端已正常從遠端服務器拉取到所須要的鏡像文件,其它內網服務器也能夠正常共享這臺鏡像服務器上的鏡像文件,不用去公網拉取。複製代碼
注:以前分享的幾篇資源文章,因爲一些緣由(連接失效或版權緣由)不少資源被取消了,故民工哥從新整理了一份(包括JAVA開發、大數據、Hadoop、zookeeper、移動端開發、系統運維、數據庫、Python、微服務、架構師、Docker容器、K8S等衆多視頻資源),公衆號後臺回覆:「乾貨」 便可得到所有高達800GB的視頻資源。瀏覽器