一、搭建私有仓库
#环境
Ip 192.168.0.34
X86云主机
[root@lh-2 /]# uname -a Linux lh-2 3.10.0-327.13.1.el7.x86_64 #1 SMP Thu Mar 31 16:04:38 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
操作系统
[root@lh-2 data]# cat /etc/redhat-release CentOS Linux release 7.2.1511 (Core)
#拉registry镜像,运行一个容器
[root@lh-2 ~]# sudo docker pull registry [root@lh-2 ~]# sudo docker run -d -p 5000:5000 -v /opt/data/registry:/tmp/registry registry
#拉busybox镜像,打标签
[root@lh-2 ~]# sudo docker pull busybox [root@lh-2 ~]# sudo docker tag busybox 192.168.0.34:5000/busybox
#提交镜像到私有仓库
[root@lh-2 ~]# sudo docker push 192.168.0.34:5000/busybox The push refers to a repository [192.168.0.34:5000/busybox] unable to ping registry endpoint https://192.168.0.34:5000/v0/ v2 ping attempt failed with error: Get https://192.168.0.34:5000/v2/: dial tcp 192.168.0.34:5000: getsockopt: connection refused v1 ping attempt failed with error: Get https://192.168.0.34:5000/v1/_ping: dial tcp 192.168.0.34:5000: getsockopt: connection refused
因为Docker从1.3.x之后,与docker registry交互默认使用的是https,但是此处搭建私有仓库却只提供http服务,所以当和私有仓库交互时报上述错误。因此需要在启动docker server时增加启动参数为默认使用http访问。
#若无问题,直接查看仓库镜像
[root@lh-2 data]# curl -XGET 192.168.0.34:5000/v2/_catalog
二、FAQ
#上面push镜像是报错,docker配置文件中添加如下一行:
[root@lh-2 ~]# vi /etc/sysconfig/docker # If you have a registry secured with https but do not have proper certs # distributed, you can tell docker to not look for full authorization by # adding the registry to the INSECURE_REGISTRY line and uncommenting it. # INSECURE_REGISTRY='--insecure-registry' INSECURE_REGISTRY='--insecure-registry=192.168.0.34:5000'
#重启docker服务
[root@lh-2 ~]# systemctl restart docker.service Warning: docker.service changed on disk. Run 'systemctl daemon-reload' to reload units.
[root@lh-2 ~]# sudo docker push 192.168.0.34:5000/busybox The push refers to a repository [192.168.0.34:5000/busybox] Put http://192.168.0.34:5000/v1/repositories/busybox/: dial tcp 192.168.0.34:5000: getsockopt: connection refused
注:连接拒绝。报错后面可以看到是因为未启动容器,不过此时配置文件未生效。
[root@lh-2 ~]# ps -aux|grep docker root 32050 1.3 0.4 559440 32500 ? Ssl 06:16 0:00 /usr/bin/docker-current daemon --exec-opt native.cgroupdriver=systemd --selinux-enabled --log-driver=journald --insecure-registry=192.168.0.34:5000 root 32123 0.2 0.1 124140 15712 ? Sl 06:16 0:00 docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 8000 -container-ip 172.17.0.2 -container-port 8080 root 32307 0.0 0.0 112648 972 pts/3 S+ 06:17 0:00 grep --color=auto docker
注:根据输出可以看出我们更改配置文件并没有生效
#修改docker配置文件,使其重启服务能生效
[root@lh-2 ~]# vi /usr/lib/systemd/system/docker.service [Unit] Description=Docker Application Container Engine Documentation=http://docs.docker.com After=network.target rhel-push-plugin.socket Wants=docker-storage-setup.service [Service] Type=notify NotifyAccess=all EnvironmentFile=-/etc/sysconfig/docker EnvironmentFile=-/etc/sysconfig/docker-storage EnvironmentFile=-/etc/sysconfig/docker-network Environment=GOTRACEBACK=crash ExecStart=/usr/bin/docker-current daemon --exec-opt native.cgroupdriver=systemd $OPTIONS $DOCKER_STORAGE_OPTIONS $DOCKER_NETWORK_OPTIONS $ADD_REGISTRY $BLOCK_REGISTRY $INSECURE_REGISTRY LimitNOFILE=1048576 LimitNPROC=1048576 LimitCORE=infinity TimeoutStartSec=0 MountFlags=slave Restart=on-abnormal [Install] WantedBy=multi-user.target
#重启docker服务,查看修改配置是否写入
[root@lh-2 ~]# systemctl daemon-reload [root@lh-2 ~]# systemctl restart docker [root@lh-2 ~]# ps -aux|grep docker root 6401 2.8 0.3 559696 30164 ? Ssl 06:23 0:00 /usr/bin/docker-current daemon --exec-opt native.cgroupdriver=systemd --selinux-enabled --log-driver=journald --insecure-registry=192.168.0.34:5000 root 6748 0.5 0.2 123084 17492 ? Sl 06:23 0:00 docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 8000 -container-ip 172.17.0.2 -container-port 8080 root 6897 0.0 0.0 112652 968 pts/3 S+ 06:23 0:00 grep --color=auto docker
#前面提交到私有仓库报错
[root@lh-2 ~]# sudo docker push 192.168.0.34:5000/busybox The push refers to a repository [192.168.0.34:5000/busybox] Put http://192.168.0.34:5000/v1/repositories/busybox/: dial tcp 192.168.0.34:5000: getsockopt: connection refused [root@lh-2 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b57ed47acdc1 rancher/swarm-agent:v0.1.3 "swarm-agent" 13 minutes ago Up 13 minutes r-Swarm_swarm-agent_1 6cb333619b90 registry "/entrypoint.sh /etc/" 2 hours ago Exited (2) About an hour ago pensive_lovelace [root@lh-2 ~]# docker start 6cb333619b90 6cb333619b90 [root@lh-2 ~]# sudo docker push 192.168.0.34:5000/busybox The push refers to a repository [192.168.0.34:5000/busybox] 8ac8bfaff55a: Pushed latest: digest: sha256:a59906e33509d14c036c8678d687bd4eec81ed7c4b8ce907b888c607f6a1e0e6 size: 505
原因:未开启registry镜像容器。
#进入容器报错
[root@lh-2 ~]# docker exec -it 6cb333619b90 /bin/bash exec: "/bin/bash": stat /bin/bash: no such file or directory
原因:不支持bash
#进入容器查看镜像存储
[root@lh-2 ~]# docker exec -it 6cb333619b90 /bin/sh / # / # ls bin entrypoint.sh home linuxrc mnt root sbin sys usr dev etc lib media proc run srv tmp var / # cd tmp/registry/ /tmp/registry # ls /tmp/registry # ls
[root@lh-2 ~]# sudo docker run 192.168.0.34:5000/busybox [root@lh-2 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e7a80ce00dbe 192.168.0.34:5000/busybox "sh" 9 seconds ago Exited (0) 7 seconds ago [root@lh-2 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE192.168.0.34:5000/busybox latest 2b8fd9751c4c 10 weeks ago 1.093 MB
感觉写一起有些太长了,再来一篇吧
https://www.cnblogs.com/zeppelin/p/5906435.html
欢迎扫码关注下面公众号,定期分享大数据与知识图谱相关知识点,读书思考。
