zoukankan      html  css  js  c++  java
  • Docker

    通过官方Docker Registry在局域网内部搭建私有镜像注册中心.

    1 - 拉取registry镜像

    [anliven@anliven ~]$ cat /etc/system-release  # 本机系统版本
    CentOS Linux release 7.8.2003 (Core)
    [anliven@anliven ~]$
    [anliven@anliven ~]$ ip addr show |grep "192.168.56."  # 本机地址
        inet 192.168.56.102/24 brd 192.168.56.255 scope global noprefixroute dynamic enp0s8
    [anliven@anliven ~]$
    [anliven@anliven ~]$ docker pull registry
    Using default tag: latest
    latest: Pulling from library/registry
    9b794450f7b6: Pull complete
    6ba25693af03: Pull complete
    9eb68e7589ff: Pull complete
    6cf77150f665: Pull complete
    339e0c26c7cc: Pull complete
    Digest: sha256:5bb9b919833aa955dfe1d1121cc038330b025ec6506ce47066c9192927e3dc3d
    Status: Downloaded newer image for registry:latest
    docker.io/library/registry:latest
    [anliven@anliven ~]$
    [anliven@anliven ~]$ docker images |grep registry
    registry                                                            latest              ee34aa9d8ab2        12 days ago         26.2MB
    [anliven@anliven ~]$
    

    2 - 启动registry容器

    [anliven@anliven ~]$ sudo mkdir /local-registry
    [anliven@anliven ~]$ ls -l / |grep local
    drwxr-xr-x    2 root root    6 Apr 14 05:32 local-registry
    [anliven@anliven ~]$ 
    [anliven@anliven ~]$ docker run -d --name local-registry --restart=always  -p 5000:5000 -v /local-registry:/var/lib/registry registry:latest
    5a7ec6db4b2f1987d2ae8355af6fbc887f64b8111efa8f2e2a42c95f8e77bae5
    [anliven@anliven ~]$
    [anliven@anliven ~]$ docker ps
    CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
    5a7ec6db4b2f        registry:latest     "/entrypoint.sh /etc…"   8 seconds ago       Up 6 seconds        0.0.0.0:5000->5000/tcp   local-registry
    [anliven@anliven ~]$
    [anliven@anliven ~]$ sudo netstat -anpt |grep 5000
    tcp6       0      0 :::5000                 :::*                    LISTEN      13895/docker-proxy
    [anliven@anliven ~]$
    

    浏览器打开localhost:5000/v2/, 或者命令行执行curl -v localhost:5000/v2/, 验证本地registry是否运行正常

    [anliven@anliven ~]$ curl -v localhost:5000/v2/  # 验证本地registry是否运行正常
    * About to connect() to localhost port 5000 (#0)
    *   Trying ::1...
    * Connected to localhost (::1) port 5000 (#0)
    > GET /v2/ HTTP/1.1
    > User-Agent: curl/7.29.0
    > Host: localhost:5000
    > Accept: */*
    >
    < HTTP/1.1 200 OK
    < Content-Length: 2
    < Content-Type: application/json; charset=utf-8
    < Docker-Distribution-Api-Version: registry/2.0
    < X-Content-Type-Options: nosniff
    < Date: Wed, 14 Apr 2021 09:55:28 GMT
    <
    * Connection #0 to host localhost left intact
    {}[anliven@anliven ~]$
    [anliven@anliven ~]$
    [anliven@anliven ~]$ curl localhost:5000/v2/_catalog  # 查看本地registry的镜像
    {"repositories":[]}
    [anliven@anliven ~]$ curl 192.168.56.102:5000/v2/_catalog  # 使用ip
    {"repositories":[]}
    [anliven@anliven ~]$ 
    

    3 - 推送镜像到本地注册中心(registry)

    [anliven@anliven ~]$ docker images |grep ubuntu
    ubuntu                                                              latest              4e2eef94cd6b        7 months ago        73.9MB
    [anliven@anliven ~]$
    [anliven@anliven ~]$ docker tag ubuntu localhost:5000/ubuntu   # 更改镜像名称
    [anliven@anliven ~]$ docker images |grep ubuntu
    ubuntu                                                              latest              4e2eef94cd6b        7 months ago        73.9MB
    localhost:5000/ubuntu                                               latest              4e2eef94cd6b        7 months ago        73.9MB
    [anliven@anliven ~]$
    [anliven@anliven ~]$ docker push localhost:5000/ubuntu  # 推送镜像到本地注册中心
    The push refers to repository [localhost:5000/ubuntu]
    a4399aeb9a0e: Pushed
    35a91a75d24b: Pushed
    ad44aa179b33: Pushed
    2ce3c188c38d: Pushed
    latest: digest: sha256:6f2fb2f9fb5582f8b587837afd6ea8f37d8d1d9e41168c90f410a6ef15fa8ce5 size: 1152
    [anliven@anliven ~]$
    [anliven@anliven ~]$ docker images |grep ubuntu
    ubuntu                                                              latest              4e2eef94cd6b        7 months ago        73.9MB
    localhost:5000/ubuntu                                               latest              4e2eef94cd6b        7 months ago        73.9MB
    [anliven@anliven ~]$
    [anliven@anliven ~]$ curl localhost:5000/v2/_catalog  # 查看本地registry的镜像
    {"repositories":["ubuntu"]}
    [anliven@anliven ~]$
    [anliven@anliven ~]$ curl localhost:5000/v2/ubuntu/tags/list  # 查看本地registry中镜像的详细信息
    {"name":"ubuntu","tags":["latest"]}
    [anliven@anliven ~]$
    [anliven@anliven ~]$ curl 192.168.56.102:5000/v2/ubuntu/tags/list
    {"name":"ubuntu","tags":["latest"]}
    anliven@anliven ~]$ 
    [anliven@anliven ~]$ tree -L 3 /local-registry/docker/registry/v2/repositories/ubuntu/
    /local-registry/docker/registry/v2/repositories/ubuntu/
    ├── _layers
    │   └── sha256
    │       ├── 46d371e02073acecf750a166495a63358517af793de739a51b680c973fae8fb9
    │       ├── 4e2eef94cd6b93dd4d794c18b45c763f72edc22858e0da5b6e63a4566a54c03c
    │       ├── 54ee1f796a1e650627269605cb8e6a596b77b324e6f0a1e4443dc41def0e58a6
    │       ├── b66c17bbf772fa072c280b10fe87bc999420042b5fce5b111db38b4fe7c40b49
    │       └── f7bfea53ad120b47cea5488f0b8331e737a97b33003517b0bd05e83925b578f0
    ├── _manifests
    │   ├── revisions
    │   │   └── sha256
    │   └── tags
    │       └── latest
    └── _uploads
    
    13 directories, 0 files
    [anliven@anliven ~]$
    

    4 - 拉取本地注册中心(registry)中的镜像

    [anliven@anliven ~]$ cat /etc/docker/daemon.json
    {
      "registry-mirrors": ["https://t5t8q6wn.mirror.aliyuncs.com"]
    }
    [anliven@anliven ~]$ 
    [anliven@anliven ~]$ sudo vim /etc/docker/daemon.json  # 增加insecure-registries
    [anliven@anliven ~]$ cat /etc/docker/daemon.json
    {
      "registry-mirrors": ["https://t5t8q6wn.mirror.aliyuncs.com"],"insecure-registries": ["192.168.56.102:5000"]
    }
    [anliven@anliven ~]$
    [anliven@anliven ~]$ sudo systemctl daemon-reload
    [anliven@anliven ~]$ sudo systemctl restart docker
    [anliven@anliven ~]$
    [anliven@anliven ~]$ docker pull 192.168.56.102:5000/ubuntu
    Using default tag: latest
    latest: Pulling from ubuntu
    Digest: sha256:6f2fb2f9fb5582f8b587837afd6ea8f37d8d1d9e41168c90f410a6ef15fa8ce5
    Status: Downloaded newer image for 192.168.56.102:5000/ubuntu:latest
    192.168.56.102:5000/ubuntu:latest
    [anliven@anliven ~]$
    [anliven@anliven ~]$ docker images |grep ubuntu
    ubuntu                                                              latest              4e2eef94cd6b        7 months ago        73.9MB
    localhost:5000/ubuntu                                               latest              4e2eef94cd6b        7 months ago        73.9MB
    192.168.56.102:5000/ubuntu                                          latest              4e2eef94cd6b        7 months ago        73.9MB
    [anliven@anliven ~]$
    

    5 - 在其他主机拉取本地注册中心(registry)中的镜像

    anliven@anliven:~$ lsb_release -a  # 系统版本
    No LSB modules are available.
    Distributor ID: Ubuntu
    Description:    Ubuntu 18.04.3 LTS
    Release:        18.04
    Codename:       bionic
    anliven@anliven:~$
    anliven@anliven:~$ ip addr show |grep "192.168.56"  # 主机地址
        inet 192.168.56.101/24 brd 192.168.56.255 scope global dynamic noprefixroute enp0s8
    anliven@anliven:~$
    anliven@anliven:~$ sudo vim /etc/docker/daemon.json  # 增加insecure-registries
    anliven@anliven:~$ cat /etc/docker/daemon.json
    {
      "registry-mirrors": ["https://t5t8q6wn.mirror.aliyuncs.com"],"insecure-registries": ["192.168.56.102:5000"]
    }
    anliven@anliven:~$ sudo systemctl daemon-reload
    anliven@anliven:~$ sudo systemctl restart docker
    anliven@anliven:~$
    anliven@anliven:~$ curl 192.168.56.102:5000/v2/_catalog
    {"repositories":["ubuntu"]}
    anliven@anliven:~$
    anliven@anliven:~$ docker pull 192.168.56.102:5000/ubuntu  # 拉取本地注册中心(registry)中的镜像
    Using default tag: latest
    latest: Pulling from ubuntu
    54ee1f796a1e: Pull complete
    f7bfea53ad12: Pull complete
    46d371e02073: Pull complete
    b66c17bbf772: Pull complete
    Digest: sha256:6f2fb2f9fb5582f8b587837afd6ea8f37d8d1d9e41168c90f410a6ef15fa8ce5
    Status: Downloaded newer image for 192.168.56.102:5000/ubuntu:latest
    192.168.56.102:5000/ubuntu:latest
    anliven@anliven:~$
    anliven@anliven:~$ docker images |grep ubuntu
    192.168.56.102:5000/ubuntu    latest              4e2eef94cd6b        7 months ago        73.9MB
    anliven@anliven:~$
    

    问题处理: "http: server gave HTTP response to HTTPS client"

    问题现象

    [anliven@anliven ~]$ docker pull 192.168.56.102:5000/ubuntu
    Using default tag: latest
    Error response from daemon: Get https://192.168.56.102:5000/v2/: http: server gave HTTP response to HTTPS client
    [anliven@anliven ~]$
    

    处理方法

    [anliven@anliven ~]$ cat /etc/docker/daemon.json
    {
      "registry-mirrors": ["https://t5t8q6wn.mirror.aliyuncs.com"]
    }
    [anliven@anliven ~]$ 
    [anliven@anliven ~]$ sudo vim /etc/docker/daemon.json  # 增加insecure-registries
    [anliven@anliven ~]$ cat /etc/docker/daemon.json
    {
      "registry-mirrors": ["https://t5t8q6wn.mirror.aliyuncs.com"],"insecure-registries": ["192.168.56.102:5000"]
    }
    [anliven@anliven ~]$
    

    Action is the antidote to despair!

    欢迎转载和引用,但请在明显处保留原文链接和原作者信息!
    本博客内容多为个人工作与学习的记录,少部分内容来自于网络并略有修改,已尽力标明原文链接和转载说明。如有冒犯,即刻删除!

    以所舍,求所获,有所依,方所成。
  • 相关阅读:
    20145322《信息安全系统设计基础》第13周学习总结
    20145310《信息安全系统设计基础》实验五 网络通信
    《信息安全系统设计基础》实验四 外设驱动程序设计
    《信息安全系统设计基础》实验二 固件设计
    《信息安全系统设计基础》实验三报告
    20145321《信息安全系统设计基础》第14周学习总结
    20145321 《信息安全系统设计基础》第13周学习总结
    《信息安全系统设计基础》实验五报告
    20145321 《信息安全系统设计基础》第12周学习总结
    《信息安全系统设计基础》实验四报告
  • 原文地址:https://www.cnblogs.com/anliven/p/14515266.html
Copyright © 2011-2022 走看看