• Docker私有仓库1


    一、搭建私有仓库

    #环境

    Ip 192.168.0.34

    X86云主机

     

    [root@lh-2 /]# uname -a
    Linux lh-2 3.10.0-327.13.1.el7.x86_64 #1 SMP Thu Mar 31 16:04:38 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

     

    操作系统

    [root@lh-2 data]# cat /etc/redhat-release 
    CentOS Linux release 7.2.1511 (Core)

    #registry镜像,运行一个容器

    [root@lh-2 ~]# sudo docker pull registry
    [root@lh-2 ~]# sudo docker run -d -p 5000:5000 -v /opt/data/registry:/tmp/registry registry

    #拉busybox镜像,打标签

    [root@lh-2 ~]# sudo docker pull busybox
    [root@lh-2 ~]# sudo docker tag busybox 192.168.0.34:5000/busybox

    #提交镜像到私有仓库

     

    [root@lh-2 ~]#  sudo docker push 192.168.0.34:5000/busybox
    The push refers to a repository [192.168.0.34:5000/busybox]
    unable to ping registry endpoint https://192.168.0.34:5000/v0/
    v2 ping attempt failed with error: Get https://192.168.0.34:5000/v2/: dial tcp 192.168.0.34:5000: getsockopt: connection refused
     v1 ping attempt failed with error: Get https://192.168.0.34:5000/v1/_ping: dial tcp 192.168.0.34:5000: getsockopt: connection refused

     

    因为Docker1.3.x之后,与docker registry交互默认使用的是https,但是此处搭建私有仓库却只提供http服务,所以当和私有仓库交互时报上述错误。因此需要在启动docker server时增加启动参数为默认使用http访问。

    #若无问题,直接查看仓库镜像

    [root@lh-2 data]# curl -XGET 192.168.0.34:5000/v2/_catalog

    二、FAQ

    #上面push镜像是报错,docker配置文件中添加如下一行:

    [root@lh-2 ~]# vi /etc/sysconfig/docker
    # If you have a registry secured with https but do not have proper certs
    # distributed, you can tell docker to not look for full authorization by
    # adding the registry to the INSECURE_REGISTRY line and uncommenting it.
    # INSECURE_REGISTRY='--insecure-registry'
    INSECURE_REGISTRY='--insecure-registry=192.168.0.34:5000'

    #重启docker服务

    [root@lh-2 ~]# systemctl restart docker.service
    Warning: docker.service changed on disk. Run 'systemctl daemon-reload' to reload units.
    [root@lh-2 ~]# sudo docker push 192.168.0.34:5000/busybox
    The push refers to a repository [192.168.0.34:5000/busybox]
    Put http://192.168.0.34:5000/v1/repositories/busybox/: dial tcp 192.168.0.34:5000: getsockopt: connection refused

    注:连接拒绝。报错后面可以看到是因为未启动容器,不过此时配置文件未生效。

    [root@lh-2 ~]# ps -aux|grep docker
    root     32050  1.3  0.4 559440 32500 ?        Ssl  06:16   0:00 /usr/bin/docker-current daemon --exec-opt native.cgroupdriver=systemd --selinux-enabled --log-driver=journald --insecure-registry=192.168.0.34:5000
    root     32123  0.2  0.1 124140 15712 ?        Sl   06:16   0:00 docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 8000 -container-ip 172.17.0.2 -container-port 8080
    root     32307  0.0  0.0 112648   972 pts/3    S+   06:17   0:00 grep --color=auto docker

    注:根据输出可以看出我们更改配置文件并没有生效

    #修改docker配置文件,使其重启服务能生效

    [root@lh-2 ~]# vi /usr/lib/systemd/system/docker.service
    [Unit]
    Description=Docker Application Container Engine
    Documentation=http://docs.docker.com
    After=network.target rhel-push-plugin.socket
    Wants=docker-storage-setup.service
    
    [Service]
    Type=notify
    NotifyAccess=all
    EnvironmentFile=-/etc/sysconfig/docker
    EnvironmentFile=-/etc/sysconfig/docker-storage
    EnvironmentFile=-/etc/sysconfig/docker-network
    Environment=GOTRACEBACK=crash
    ExecStart=/usr/bin/docker-current daemon 
              --exec-opt native.cgroupdriver=systemd 
              $OPTIONS 
              $DOCKER_STORAGE_OPTIONS 
              $DOCKER_NETWORK_OPTIONS 
              $ADD_REGISTRY 
              $BLOCK_REGISTRY 
              $INSECURE_REGISTRY
    LimitNOFILE=1048576
    LimitNPROC=1048576
    LimitCORE=infinity
    TimeoutStartSec=0
    MountFlags=slave
    Restart=on-abnormal
    
    [Install]
    WantedBy=multi-user.target

    #重启docker服务,查看修改配置是否写入

    [root@lh-2 ~]# systemctl daemon-reload
    [root@lh-2 ~]# systemctl restart docker
    [root@lh-2 ~]# ps -aux|grep docker
    root      6401  2.8  0.3 559696 30164 ?        Ssl  06:23   0:00 /usr/bin/docker-current daemon --exec-opt native.cgroupdriver=systemd --selinux-enabled --log-driver=journald --insecure-registry=192.168.0.34:5000
    root      6748  0.5  0.2 123084 17492 ?        Sl   06:23   0:00 docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 8000 -container-ip 172.17.0.2 -container-port 8080
    root      6897  0.0  0.0 112652   968 pts/3    S+   06:23   0:00 grep --color=auto docker

    #前面提交到私有仓库报错

    [root@lh-2 ~]# sudo docker push 192.168.0.34:5000/busybox
    The push refers to a repository [192.168.0.34:5000/busybox]
    Put http://192.168.0.34:5000/v1/repositories/busybox/: dial tcp 192.168.0.34:5000: getsockopt: connection refused
    
    [root@lh-2 ~]# docker ps -a
    CONTAINER ID        IMAGE                           COMMAND                  CREATED             STATUS                         PORTS                                          NAMES
    b57ed47acdc1        rancher/swarm-agent:v0.1.3      "swarm-agent"            13 minutes ago      Up 13 minutes                                                                 r-Swarm_swarm-agent_1
    6cb333619b90        registry                        "/entrypoint.sh /etc/"   2 hours ago         Exited (2) About an hour ago                                                  pensive_lovelace
    [root@lh-2 ~]# docker start 6cb333619b90
    6cb333619b90
    [root@lh-2 ~]# sudo docker push 192.168.0.34:5000/busybox
    The push refers to a repository [192.168.0.34:5000/busybox]
    8ac8bfaff55a: Pushed 
    latest: digest: sha256:a59906e33509d14c036c8678d687bd4eec81ed7c4b8ce907b888c607f6a1e0e6 size: 505

    原因:未开启registry镜像容器。

    #进入容器报错

    [root@lh-2 ~]# docker exec -it 6cb333619b90 /bin/bash
    exec: "/bin/bash": stat /bin/bash: no such file or directory

    原因:不支持bash

    #进入容器查看镜像存储

    [root@lh-2 ~]# docker exec -it 6cb333619b90 /bin/sh
    / #
    / # ls
    bin            entrypoint.sh  home           linuxrc        mnt            root           sbin           sys            usr
    dev            etc            lib            media          proc           run            srv            tmp            var
    / # cd tmp/registry/
    /tmp/registry # ls
    /tmp/registry # ls
    [root@lh-2 ~]# sudo docker run 192.168.0.34:5000/busybox
    [root@lh-2 ~]# docker ps -a
    CONTAINER ID        IMAGE                           COMMAND                  CREATED             STATUS                     PORTS                                          NAMES
    e7a80ce00dbe        192.168.0.34:5000/busybox       "sh"                     9 seconds ago       Exited (0) 7 seconds ago
    
    [root@lh-2 ~]# docker images
    REPOSITORY                         TAG                 IMAGE ID            CREATED             SIZE192.168.0.34:5000/busybox          latest              2b8fd9751c4c        10 weeks ago        1.093 MB

    感觉写一起有些太长了,再来一篇吧

    https://www.cnblogs.com/zeppelin/p/5906435.html

    欢迎扫码关注下面公众号,定期分享大数据与知识图谱相关知识点,读书思考。

     

     

  • 相关阅读:
    经典背景音乐集(转)
    商业模式的思考
    PHP5.4的变化关注What has changed in PHP 5.4.x
    yii模版中的写法
    设计模式(一)工厂模式Factory(创建型)
    yii模版中的判断方法
    Yacc 与 Lex 快速入门(词法分析和语法分析)
    Windows PHP 中 VC6 X86 和 VC9 X86 的区别及 Non Thread Safe 的意思
    金融系列1《借贷记卡介绍》
    设计模式概论
  • 原文地址:https://www.cnblogs.com/zeppelin/p/5906410.html
Copyright © 2020-2023  润新知