Docker:私有倉庫registry [十一]

時間  2019-11-07
標籤 docker 私有 倉庫 registry 十一 欄目 Docker 简体版
原文   原文鏈接

1、運行docker私有倉庫

安裝registry

docker run -d -p 5000:5000 --restart=always --name registry -v /opt/myregistry:/var/lib/registry registry

當容器啓動完成,私有倉庫就能夠使用了html

2、上傳到私有倉庫的步驟:

一、給要上傳的鏡像打taglinux

[root@luoahong ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
httpd               latest              ef1dc54703e2        2 weeks ago         132

[root@luoahong ~]# docker image tag httpd:latest 192.168.228.134:5000/httpd:latest

二、上傳nginx

[root@luoahong ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
httpd               latest              ef1dc54703e2        2 weeks ago         132MB
[root@luoahong ~]# docker push 192.168.228.134:5000/httpd:latest
The push refers to repository [192.168.228.134:5000/httpd]
Get https://192.168.228.134:5000/v2/: http: server gave HTTP response to HTTPS client

 

三、報錯解決方法docker

[root@luoahong ~]# vim /etc/docker/daemon.json
{
  "registry-mirrors": ["https://registry.docker-cn.com"],
  "insecure-registries": ["192.168.228.134:5000"]
}

[root@luoahong ~]# systemctl restart docker
[root@luoahong ~]# docker push 192.168.228.134:5000/httpd:latest
The push refers to repository [192.168.228.134:5000/httpd]
64446057e402: Pushed
13a694db88ed: Pushed
3fc0ec65884c: Pushed
30d0b099e805: Pushed
7b4e562e58dc: Pushed
latest: digest: sha256:246fed9aa9be7aaba1e04d9146be7a3776c9a40b5cfb3242d3427f79edee37db size: 1367
[root@luoahong ~]# docker images
REPOSITORY                   TAG                 IMAGE ID            CREATED             SIZE
httpd                        latest              ef1dc54703e2        2 weeks ago         132MB
192.168.228.134:5000/httpd   latest              ef1dc54703e2        2 weeks ago         132MB

3、上傳原理推導

一、客戶端

[root@luoahong ~]# docker pull fedora:latest
latest: Pulling from library/fedora
d0483bd5a554: Pull complete
Digest: sha256:4a861283a7f0a8ce3d19b42f4c0a10d7012a4d12f785149d82a0800cdb4498b0
Status: Downloaded newer image for fedora:latest
[root@luoahong ~]# docker image tag  fedora:latest 192.168.228.134:5000/fedora:latest
[root@luoahong ~]# docker push 192.168.228.134:5000/fedora:latest
The push refers to repository [192.168.228.134:5000/fedora]
a13f3c019d29: Pushed
latest: digest: sha256:f6d888e4caccb101aa540013d46089803f84f2b41b7ce70ef6b42e1ff4b33254 size: 529

二、私有倉庫

沒有推送fedora以前json

[root@luoahong1 ~]# cd /opt/myregistry/docker/registry/v2/repositories/
[root@luoahong1 repositories]# ls
centos  httpd
[root@luoahong1 repositories]# pwd
/opt/myregistry/docker/registry/v2/repositories
[root@luoahong1 repositories]# tree httpd/_manifests/
httpd/_manifests/
├── revisions
│   └── sha256
│       └── 246fed9aa9be7aaba1e04d9146be7a3776c9a40b5cfb3242d3427f79edee37db
│           └── link
└── tags
    └── latest
        ├── current
        │   └── link
        └── index
            └── sha256
                └── 246fed9aa9be7aaba1e04d9146be7a3776c9a40b5cfb3242d3427f79edee37db
                    └── link

 推送fedora以後vim

[root@luoahong1 repositories]# ls
centos  fedora  httpd
[root@luoahong1 repositories]# pwd
/opt/myregistry/docker/registry/v2/repositories 

4、帶base認證的私有倉庫

0、沒有帶base認證前

[root@luoahong ~]# docker images
REPOSITORY                    TAG                 IMAGE ID            CREATED             SIZE
192.168.228.134:5000/httpd    latest              ef1dc54703e2        2 weeks ago         132MB
httpd                         latest              ef1dc54703e2        2 weeks ago         132MB
centos                        latest              1e1148e4cc2c        6 weeks ago         202MB
192.168.228.134:5000/fedora   latest              8c568f104326        2 months ago        267MB
fedora                        latest              8c568f104326        2 months ago        267MB
centos                        6.8                 e54faac158ff        3 months ago        195MB
centos                        6.9                 e88c611d16a0        3 months ago        195MB
192.168.228.134:5000/centos   6.9                 e88c611d16a0        3 months ago        195MB
[root@luoahong ~]# docker rmi centos:6.9 192.168.228.134:5000/centos:6.9
Untagged: centos:6.9
Untagged: centos@sha256:48623f1cc1ff287ef4843888bcee22285066adf2d5da6daf000070bee83cd93a
Untagged: 192.168.228.134:5000/centos:6.9
Untagged: 192.168.228.134:5000/centos@sha256:29b4ae1d59c681e6e8bb6f8eff1ec9f1c18cd24ae23b7d612e3a38c27a44f92f
Deleted: sha256:e88c611d16a001c1494b11a55bc25c0e9d63e67444d754d01f0ffa7de92a15c7

[root@luoahong ~]# docker pull 192.168.228.134:5000/centos:6.9
Error response from daemon: Get http://192.168.228.134:5000/v2/centos/manifests/6.9: no basic auth credentials

一、base認證密碼文件準備

yum install httpd-tools -y
mkdir /opt/registry-var/auth/ -p
htpasswd -Bbn luoahong 123456 >> /opt/registry-var/auth/htpasswd

二、啓動docker私有倉庫

docker run -d -p 5000:5000 -v /opt/registry-var/auth/:/auth/ -v /opt/myregistry:/var/lib/registry -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd registry

三、測試下載

[root@luoahong ~]# docker pull 192.168.228.134:5000/centos:6.9
Error response from daemon: Get http://192.168.228.134:5000/v2/centos/manifests/6.9: no basic auth credentials
[root@luoahong ~]#
[root@luoahong ~]# docker login 192.168.228.134:5000
Username: luoahong
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
[root@luoahong ~]# cat /root/.docker/config.json
{
	"auths": {
		"192.168.228.134:5000": {
			"auth": "bHVvYWhvbmc6MTIzNDU2"
		}
	},
	"HttpHeaders": {
		"User-Agent": "Docker-Client/18.09.1 (linux)"
	}
}[root@luoahong ~]#docker pull 192.168.228.134:5000/centos:6.9
6.9: Pulling from centos
993c50d47469: Pull complete
Digest: sha256:29b4ae1d59c681e6e8bb6f8eff1ec9f1c18cd24ae23b7d612e3a38c27a44f92f
Status: Downloaded newer image for 192.168.228.134:5000/centos:6.9
[root@luoahong ~]# docker images
REPOSITORY                    TAG                 IMAGE ID            CREATED             SIZE
192.168.228.134:5000/httpd    latest              ef1dc54703e2        2 weeks ago         132MB
httpd                         latest              ef1dc54703e2        2 weeks ago         132MB
centos                        latest              1e1148e4cc2c        6 weeks ago         202MB
192.168.228.134:5000/fedora   latest              8c568f104326        2 months ago        267MB
fedora                        latest              8c568f104326        2 months ago        267MB
centos                        6.8                 e54faac158ff        3 months ago        195MB
192.168.228.134:5000/centos   6.9                 e88c611d16a0        3 months ago        195MB

四、私有倉庫的缺點

私有倉庫查看版本很麻煩centos

[root@luoahong1 repositories]# ls httpd/_manifests/tags/
latest
[root@luoahong1 repositories]# pwd
/opt/myregistry/docker/registry/v2/repositories

4、私有倉庫缺點解決方案

一、查看鏡像列表

使用瀏覽器訪問:瀏覽器

http://192.168.228.134:5000/v2/_catalogbash

二、查看鏡像列表

下面我已nginx爲例測試

http://192.168.228.134:5000/v2/nginx/tags/list

三、刪除鏡像

1)進入docker registry的容器中

docker exec -it registry /bin/sh

2) 刪除repo

rm -fr /var/lib/registry/docker/registry/v2/repositories/nginx

3) 清楚掉blob

registry garbage-collect /etc/docker/registry/config.yml

 

https://www.qstack.com.cn/archives/350.html

相關文章
相關標籤/搜索
每日一句
    每一个你不满意的现在,都有一个你没有努力的曾经。
本站公眾號
   歡迎關注本站公眾號,獲取更多信息
聯繫我們 最近搜索 最新文章 沪ICP备13005482号-10 MyBatis教程 SQL 教程 MySQL教程 Java 教程 Thymeleaf 教程 Hibernate教程 Spring教程 Redis教程