搭建個私有docker鏡像倉庫
公有倉庫和私有倉庫:前端
速度:公有倉庫走的公網,速度較慢;私有倉庫走的是內網,即局域網;java
安全性:公有倉庫存放在公共硬盤上;私有倉庫存在本身服務器硬盤上。python
公有倉:mysql
最權威的,但速度比較慢:nginx
首先登錄:github
$ docker login -usmallsoup Password: WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded
打標籤,push鏡像到hub倉庫:面試
docker tag zookeeper:3.5 smallsoup/zookeeper:3.5 docker push smallsoup/zookeeper:3.5
已push成功,能夠在hub上看到:redis
私有倉:spring
用docker提供的registry在本地搭建私有倉:
docker pull registry:2.5.2 docker run -d -p 5000:5000 registry:2.5.2 docker tag zookeeper:3.5 localhost:5000/zookeeper:3.5 docker push zookeeper:3.5 localhost:5000/zookeeper:3.5
因沒有設置安全性,因此直接能夠push上去。
因爲是本地倉庫,因此pull的速度很快。
[root@localhost micro-service]# docker pull localhost:5000/zookeeper:3.5 3.5: Pulling from zookeeper Digest: sha256:3474ec46da9db9dc27a431f9645a2df9c91d5b969f591fe0ccd4c40f2bfd1579 Status: Image is up to date for localhost:5000/zookeeper:3.5
可是這個私有倉不能知足咱們的需求,生產線上萬一該私有倉服務器故障,其餘服務器也沒法接管。再者,也沒有頁面能夠便於管理。
業內出現的harbor,主要提供 Dcoker Registry 管理UI,可基於角色訪問控制, AD/LDAP 集成,日誌審覈等功能,徹底的支持中文,很是適用於生產環境。
harbor私有倉庫搭建
github地址:
https://github.com/goharbor/h...
下載地址:
https://storage.googleapis.co...
這個連接速度太慢,能夠在這裏下載:
如下使用的harbor版本是harbor-offline-installer-v1.5.0.tgz
首先解壓:
tar -zxf harbor-offline-installer-v1.5.0.tgz
而後運行./install腳本進行安裝,若是須要特殊設置,能夠先修改harbor.cfg和docker-compose.yml後在進行./install安裝操做
[Step 4]: starting Harbor ... Creating network "harbor_harbor" with the default driver Creating harbor-log ... done Creating harbor-adminserver ... Creating redis ... error Creating harbor-db ... Creating registry ... Creating harbor-adminserver ... done ERROR: for redis Cannot create container for service redis: b'Conflict. The container name "/redis" is already in use Creating harbor-db ... done Creating registry ... done Creating harbor-ui ... done Creating nginx ... done ERROR: for redis Cannot create container for service redis: b'Conflict. The container name "/redis" is already in use by container "c3813d66ccad284d3529227fabf3d5c19cb991237de8d3e72fc470ffd2cbfa99". You have to remove (or rename) that container to be able to reuse that name.' ERROR: Encountered errors while bringing up the project.
安裝過程當中報以上錯誤,是由於服務器上已經有了名爲redis的容器名,和harbor將要安裝的redis容器名重名,須要rename服務器上已有的redis容器名爲micro-service-redis:
$ docker ps -a --filter name=redis CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c3813d66ccad hub.c.163.com/public/redis:2.8.4 "/run.sh" 2 days ago Up 42 hours 0.0.0.0:6379->6379/tcp redis $ docker rename redis micro-service-redis $ docker ps -aq --filter name=redis c3813d66ccad $ docker ps -a --filter name=redis CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c3813d66ccad hub.c.163.com/public/redis:2.8.4 "/run.sh" 2 days ago Up 42 hours 0.0.0.0:6379->6379/tcp micro-service-redis
而後從新執行./install
[Step 4]: starting Harbor ... Creating network "harbor_harbor" with the default driver Creating harbor-log ... done Creating redis ... done Creating harbor-db ... done Creating harbor-adminserver ... done Creating registry ... done Creating harbor-ui ... done Creating harbor-jobservice ... Creating nginx ... ERROR: for harbor-jobservice UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60) ERROR: for nginx UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60) ERROR: for jobservice UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60) ERROR: for proxy UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60) ERROR: An HTTP request took too long to complete. Retry with --verbose to obtain debug information. If you encounter this issue regularly because of slow network conditions, consider setting COMPOSE_HTTP_TIMEOUT to a hig
又報以上的錯,多是因爲網絡問題,致使失敗,從新./install試試:
[Step 4]: starting Harbor ... Creating network "harbor_harbor" with the default driver Creating harbor-log ... done Creating redis ... done Creating harbor-db ... done Creating harbor-adminserver ... done Creating registry ... done Creating harbor-ui ... done Creating nginx ... done Creating harbor-jobservice ... done ✔ ----Harbor has been installed and started successfully.---- Now you should be able to visit the admin portal at http://hub.smallsoup.com. For more details, please visit https://github.com/vmware/harbor .
成功了。
能夠訪問harbor部署服務器IP:docker-compose.yml中80映射到宿主機上的端口;
用戶名是admin,密碼是harbor.cfg中harbor_admin_password的值訪問管理頁面:
能夠建立一個私有倉庫micro-service:
在系統管理->用戶管理中添加用戶,而後點開上一步建立的項目-->>成員-->>新建成員,並設置權限。
項目管理員:有pull和push以及項目其餘管理權限;
開發人員:有pull和push權限;
訪客:只有pull權限。
訪客:只有pul
將該項目的各個微服務image push到harbor的micro-service項目裏:
$ docker images |grep -v "vmware" REPOSITORY TAG IMAGE ID CREATED SIZE api-gateway-zuul latest 8a814cf9bb65 23 hours ago 476MB course-service latest 673d4501353e 23 hours ago 462MB course-edge-service latest 854d5d8bddaa 23 hours ago 484MB message-thrift-python-service latest 4317a76b387e 24 hours ago 926MB user-edge-service latest ff07d54a02ba 25 hours ago 469MB user-thrift-service latest 02dd6fd0f239 26 hours ago 456MB python-base latest 81ad8926a9d9 26 hours ago 926MB zookeeper 3.5 c41e1dcd86e4 2 weeks ago 128MB smallsoup/zookeeper 3.5 c41e1dcd86e4 2 weeks ago 128MB localhost:5000/zookeeper 3.5 c41e1dcd86e4 2 weeks ago 128MB elasticsearch latest 5acf0e8da90b 2 weeks ago 486MB registry 2.5.2 96ca477b7e56 3 weeks ago 37.8MB registry 2 2e2f252f3c88 3 weeks ago 33.3MB python 3.6 4f13b7f2138e 4 weeks ago 918MB openjdk 8-jre 66bf39162ea7 4 weeks ago 443MB mysql latest 6a834f03bd02 4 weeks ago 484MB hub.c.163.com/public/redis 2.8.4 4888527e1254 2 years ago 190MB
打標籤:
docker tag openjdk:8-jre 192.168.1.103:80/micro-service/openjdk:8-jre
查看鏡像:
$ docker images |grep -v "vmware" | grep open openjdk 7-jre e4c851ec3393 4 weeks ago 329MB 192.168.1.103:80/micro-service/openjdk 8-jre 66bf39162ea7 4 weeks ago 443MB openjdk
push鏡像:
$ docker push 192.168.1.103:80/micro-service/openjdk:8-jre The push refers to repository [192.168.1.103:80/micro-service/openjdk] Get https://192.168.1.103:80/v2/: http: server gave HTTP response to HTTPS client
push報錯。因爲默認採用的是http協議,即harbor.cfg中的ui_url_protocol值。https的比較麻煩,須要生成證書等步驟,能夠參考:
爲Harbor設置Https
http://gapme.cn/2017/10/25/ha...
這裏暫且用http的方式。
以上報錯解決辦法:
在」/etc/docker/「目錄下,建立」daemon.json「文件。在文件中寫入:
{
"insecure-registries": [
"hub.smallsoup.com:80",
"192.168.1.103:80"
]
}
重啓docker:
systemctl restart docker
docker重啓後,./install或者docker-compose down;docker-compose up -d重啓harbor便可。
將基礎鏡像和各個服務鏡像push到庫上:
題外話:
在安裝過程當中,將80端口映射到宿主機的8081端口,push的時候遇到不少問題(報錯80端口鏈接拒絕,大概就是這個issue
https://github.com/goharbor/h...),查找了不少資料,仍是放棄了,最後映射到宿主機80端口,push一切ok。
因爲用域名的方式push得設置hosts以及端口轉發,比較麻煩,以上採用了IP:PORT方式:
刪除用域名打的標籤:
docker rmi -f hub.smallsoup.com:80/micro-service/openjdk:8-jre
harbor也能夠在公衆號後臺回覆【2】加小編微信索取。
本公衆號免費提供csdn下載服務,海量IT學習資源,若是你準備入IT坑,勵志成爲優秀的程序猿,那麼這些資源很適合你,包括但不限於java、go、python、springcloud、elk、嵌入式 、大數據、面試資料、前端 等資源。同時咱們組建了一個技術交流羣,裏面有不少大佬,會不定時分享技術文章,若是你想來一塊兒學習提升,能夠公衆號後臺回覆【2】,免費邀請加技術交流羣互相學習提升,會不按期分享編程IT相關資源。
掃碼關注,精彩內容第一時間推給你
- 1. Docker搭建私有鏡像倉庫
- 2. docker搭建私有鏡像倉庫
- 3. 搭建docker鏡像私有倉庫
- 4. 搭建Harbor鏡像(docker)私有倉庫
- 5. Docker 搭建私有鏡像倉庫Registry
- 6. 搭建docker私有鏡像倉庫harbor
- 7. 搭建docker registry私有鏡像倉庫
- 8. 【Docker】(4)搭建私有鏡像倉庫
- 9. Docker搭建私有倉庫、查看私有倉庫鏡像
- 10. Nexus 搭建私有鏡像倉庫
- 更多相關文章...
- • Docker 鏡像加速 - Docker教程
- • Docker 鏡像使用 - Docker教程
- • Docker 清理命令
- • 適用於PHP初學者的學習線路和建議
-
每一个你不满意的现在,都有一个你没有努力的曾经。