Docker系列-5.分发镜像
镜像的管理分为手工分发和docker-hub或者Registry仓库两种方式
手工分发镜像
使用docker save和docker load可以在没有Registry的情况下实现image的线下分发和迁移
[root@localhost ~]# docker save ubuntu:latest -o ubuntu:tatest.tar
[root@localhost ~]# docker save ubuntu:latest | gzip > ubuntu:tatest.tgz
[root@localhost ~]# ls -lh
-rw-------. 1 root root 73M Aug 2 12:58 ubuntu:tatest.tar
-rw-r--r--. 1 root root 27M Aug 2 12:59 ubuntu:tatest.tgz
[root@localhost ~]# docker save redis:4.0.14_man | gzip > redis:4.0.14_man.tgz
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu update 3c7832c9920b 3 hours ago 96.4MB
ubuntu latest 1e4467b07108 9 days ago 73.9MB
httpd latest 9d2a0c6e5b57 10 days ago 166MB
nginx latest 8cf1bfb43ff5 11 days ago 132MB
centos latest 831691599b88 6 weeks ago 215MB
hello-world latest bf756fb1ae65 7 months ago 13.3kB
[root@localhost ~]# docker load -i redis:4.0.14_man.tgz
4014348e492a: Loading layer [==================================================>] 173.8MB/173.8MB
f3aafaca0eb9: Loading layer [==================================================>] 7.69MB/7.69MB
d0549792a5c2: Loading layer [==================================================>] 103.1MB/103.1MB
bc8ef3880d58: Loading layer [==================================================>] 3.584kB/3.584kB
Loaded image: redis:4.0.14_man
简易Registry镜像仓库
Registry用于保存 Docker 镜像,包括镜像的层次结构和元数据,利用它可以方便的实现镜像的下载、上传与修改。一般来说仓库有Docker Hub主仓库、公有云Registry,私有云Registry。
公有云Registry
Docker Hub是默认的Docker Registry。 Docker Hub 允许任何人在线托管自己的镜像。
另外可以在/etc/docker/daemon.json 中加入更多的其他的国内Registry镜像,一般公有云的Registry都是可以支持匿名Pull出镜像的。
自建私有Registry
docker-registry历经2代,registry1是python语言写的,而现在registry2版本即docker-distribution更加安全和快速,并且是用go语言写的,docker1.6及其以上版本已经不再支持老的Registry。
两种方式安装和部署Registry,第一种是用yum安装docker-distribution系统服务的方式
1 使用 yum 安装docker-distribution
2 以容器方式安装registry
安装
用yum安装docker-distribution这种方式并不是docker官方文档提到的方式,安装后通过systemctl来管理仓库服务。
1 主机规划
| IP | 虚拟机实例 | Hostname | 配置 | OS | 软件 |
|---|---|---|---|---|---|
| 192.168.56.107 | registry-docker-distribution | registry-docker-distribution | docker-distribution.x86_64 0:2.6.2 |
2 安装docker-distribution
[root@localhost ~]# yum info docker-distribution
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.huaweicloud.com
Available Packages
Name : docker-distribution
Arch : x86_64
Version : 2.6.2
Release : 2.git48294d9.el7
Size : 3.5 M
Repo : extras/7/x86_64
Summary : Docker toolset to pack, ship, store, and deliver content
URL : https://github.com/docker/distribution
License : ASL 2.0
Description : Docker toolset to pack, ship, store, and deliver content
[root@localhost ~]# yum install -y docker-distribution
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.huaweicloud.com
Resolving Dependencies
--> Running transaction check
---> Package docker-distribution.x86_64 0:2.6.2-2.git48294d9.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
====================================================================================================================================================
Package Arch Version Repository Size
====================================================================================================================================================
Installing:
docker-distribution x86_64 2.6.2-2.git48294d9.el7 extras 3.5 M
Transaction Summary
====================================================================================================================================================
Install 1 Package
Total download size: 3.5 M
Installed size: 12 M
Downloading packages:
docker-distribution-2.6.2-2.git48294d9.el7.x86_64.rpm | 3.5 MB 00:00:01
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Warning: RPMDB altered outside of yum.
Installing : docker-distribution-2.6.2-2.git48294d9.el7.x86_64 1/1
Verifying : docker-distribution-2.6.2-2.git48294d9.el7.x86_64 1/1
Installed:
docker-distribution.x86_64 0:2.6.2-2.git48294d9.el7
Complete!
3 设置registry
[root@registry-docker-distribution ~]# vi /etc/docker-distribution/registry/config.yml
version: 0.1
log:
fields:
service: registry
storage:
cache:
layerinfo: inmemory
filesystem:
rootdirectory: /var/lib/registry
http:
addr: :5000
rootdirectory: /var/lib/registry ---镜像仓库的绝对路径
addr: :5000 ----服务绑定5000端口
4 启动服务
[root@registry-docker-distribution ~]# systemctl enable docker-distribution
Created symlink from /etc/systemd/system/multi-user.target.wants/docker-distribution.service to /usr/lib/systemd/system/docker-distribution.service.
[root@registry-docker-distribution ~]# systemctl list-unit-files |grep docker
docker-distribution.service enabled
[root@registry-docker-distribution ~]# systemctl start docker-distribution
[root@registry-docker-distribution ~]# systemctl status docker-distribution
● docker-distribution.service - v2 Registry server for Docker
Loaded: loaded (/usr/lib/systemd/system/docker-distribution.service; enabled; vendor preset: disabled)
Active: active (running) since Sat 2020-08-22 12:34:20 EDT; 7s ago
Main PID: 4485 (registry)
CGroup: /system.slice/docker-distribution.service
└─4485 /usr/bin/registry serve /etc/docker-distribution/registry/config.yml
Aug 22 12:34:20 registry-docker-distribution systemd[1]: Started v2 Registry server for Docker.
Aug 22 12:34:20 registry-docker-distribution registry[4485]: time="2020-08-22T12:34:20-04:00" level=warning msg="No HTTP secret provided - generated random secret. This may cause proble...
Aug 22 12:34:20 registry-docker-distribution registry[4485]: time="2020-08-22T12:34:20-04:00" level=info msg="redis not configured" go.version=go1.9.4 instance.id=590a593d-ca7...2+unknown"
Aug 22 12:34:20 registry-docker-distribution registry[4485]: time="2020-08-22T12:34:20-04:00" level=info msg="using inmemory blob descriptor cache" go.version=go1.9.4 instance...2+unknown"
Aug 22 12:34:20 registry-docker-distribution registry[4485]: time="2020-08-22T12:34:20-04:00" level=info msg="listening on [::]:5000" go.version=go1.9.4 instance.id=590a593d-c...2+unknown"
Aug 22 12:34:20 registry-docker-distribution registry[4485]: time="2020-08-22T12:34:20-04:00" level=info msg="Starting upload purge in 18m0s" go.version=go1.9.4 instance.id=59...2+unknown"
Hint: Some lines were ellipsized, use -l to show in full.
- 防火墙问题
[root@registry-docker-distribution ~]# systemctl enable firewalld
[root@registry-docker-distribution ~]# systemctl start firewalld
[root@registry-docker-distribution ~]# firewall-cmd --zone=public --add-port=5000/tcp
[root@registry-docker-distribution ~]# firewall-cmd --zone=public --add-port=5000/tcp --permanent
[root@registry-docker-distribution ~]# firewall-cmd --zone=public --list-ports
5000/tcp
验证镜像仓库
将自建的registry仓库地址写入docker的模板机
[root@localhost ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.56.107 registry-docker-distribution
修改docker仓库配置
[root@localhost ~]# cat /etc/docker/daemon.json
{
"insecure-registries" :["registry-docker-distribution:5000"]
}
上传自定义镜像
这里将Docker系列-4.构建镜像中使用dokerfile构建的redis自定义镜像上传至docker-distribution仓库
[root@localhost ~]# docker push registry-docker-distribution:5000/redis:4.0.14_man
The push refers to repository [registry-docker-distribution:5000/redis]
An image does not exist locally with the tag: registry-docker-distribution:5000/redis
[root@localhost ~]# docker tag redis:4.0.14_man registry-docker-distribution:5000/redis:4.0.14_man
[root@localhost ~]# docker push registry-docker-distribution:5000/redis:4.0.14_man
The push refers to repository [registry-docker-distribution:5000/redis]
bc8ef3880d58: Pushed
d0549792a5c2: Pushed
f3aafaca0eb9: Pushed
4014348e492a: Pushed
eb29745b8228: Pushed
4.0.14_man: digest: sha256:7bb931ff2fccaefedc66c131b3037fe853bb6fd15a11d7542e75044b1b761291 size: 1371
查看仓库registry-docker-distribution
[root@registry-docker-distribution redis]# tree docker/registry/v2/repositories/redis/
.
├── _layers
│ └── sha256
│ ├── 06490819811d503e757ecdb931c9dd91ed848a9f2bcdbd4f8ee1b56c7bff2850
│ │ └── link
│ ├── 508b9f6e54059456fda2cf30bcc8dc6a91608fbc86a13f98979584935bcf151f
│ │ └── link
│ ├── 6910e5a164f725142d77994b247ba20040477fbab49a721bdbe8d61cf855ac23
│ │ └── link
│ ├── 9c78867b86b984247452b9ca50437f7df6c1e1134bc560af1935bf3edfa5d8b0
│ │ └── link
│ ├── acea11d173b3aacef42265759e0f6a41996e4f179fdb45b39eae172fc11b4d1f
│ │ └── link
│ └── ebe4e876b1daeb438b123e335553f4fd3745327d524cb2369b05ec6d09b0a501
│ └── link
├── _manifests
│ ├── revisions
│ │ └── sha256
│ │ └── 7bb931ff2fccaefedc66c131b3037fe853bb6fd15a11d7542e75044b1b761291
│ │ └── link
│ └── tags
│ └── 4.0.14_man
│ ├── current
│ │ └── link
│ └── index
│ └── sha256
│ └── 7bb931ff2fccaefedc66c131b3037fe853bb6fd15a11d7542e75044b1b761291
│ └── link
└── _uploads
19 directories, 9 files