通过官方Docker Registry在局域网内部搭建私有镜像注册中心.
1 - 拉取registry镜像
[anliven@anliven ~]$ cat /etc/system-release # 本机系统版本
CentOS Linux release 7.8.2003 (Core)
[anliven@anliven ~]$
[anliven@anliven ~]$ ip addr show |grep "192.168.56." # 本机地址
inet 192.168.56.102/24 brd 192.168.56.255 scope global noprefixroute dynamic enp0s8
[anliven@anliven ~]$
[anliven@anliven ~]$ docker pull registry
Using default tag: latest
latest: Pulling from library/registry
9b794450f7b6: Pull complete
6ba25693af03: Pull complete
9eb68e7589ff: Pull complete
6cf77150f665: Pull complete
339e0c26c7cc: Pull complete
Digest: sha256:5bb9b919833aa955dfe1d1121cc038330b025ec6506ce47066c9192927e3dc3d
Status: Downloaded newer image for registry:latest
docker.io/library/registry:latest
[anliven@anliven ~]$
[anliven@anliven ~]$ docker images |grep registry
registry latest ee34aa9d8ab2 12 days ago 26.2MB
[anliven@anliven ~]$
2 - 启动registry容器
[anliven@anliven ~]$ sudo mkdir /local-registry
[anliven@anliven ~]$ ls -l / |grep local
drwxr-xr-x 2 root root 6 Apr 14 05:32 local-registry
[anliven@anliven ~]$
[anliven@anliven ~]$ docker run -d --name local-registry --restart=always -p 5000:5000 -v /local-registry:/var/lib/registry registry:latest
5a7ec6db4b2f1987d2ae8355af6fbc887f64b8111efa8f2e2a42c95f8e77bae5
[anliven@anliven ~]$
[anliven@anliven ~]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5a7ec6db4b2f registry:latest "/entrypoint.sh /etc…" 8 seconds ago Up 6 seconds 0.0.0.0:5000->5000/tcp local-registry
[anliven@anliven ~]$
[anliven@anliven ~]$ sudo netstat -anpt |grep 5000
tcp6 0 0 :::5000 :::* LISTEN 13895/docker-proxy
[anliven@anliven ~]$
浏览器打开localhost:5000/v2/, 或者命令行执行curl -v localhost:5000/v2/, 验证本地registry是否运行正常
[anliven@anliven ~]$ curl -v localhost:5000/v2/ # 验证本地registry是否运行正常
* About to connect() to localhost port 5000 (#0)
* Trying ::1...
* Connected to localhost (::1) port 5000 (#0)
> GET /v2/ HTTP/1.1
> User-Agent: curl/7.29.0
> Host: localhost:5000
> Accept: */*
>
< HTTP/1.1 200 OK
< Content-Length: 2
< Content-Type: application/json; charset=utf-8
< Docker-Distribution-Api-Version: registry/2.0
< X-Content-Type-Options: nosniff
< Date: Wed, 14 Apr 2021 09:55:28 GMT
<
* Connection #0 to host localhost left intact
{}[anliven@anliven ~]$
[anliven@anliven ~]$
[anliven@anliven ~]$ curl localhost:5000/v2/_catalog # 查看本地registry的镜像
{"repositories":[]}
[anliven@anliven ~]$ curl 192.168.56.102:5000/v2/_catalog # 使用ip
{"repositories":[]}
[anliven@anliven ~]$
3 - 推送镜像到本地注册中心(registry)
[anliven@anliven ~]$ docker images |grep ubuntu
ubuntu latest 4e2eef94cd6b 7 months ago 73.9MB
[anliven@anliven ~]$
[anliven@anliven ~]$ docker tag ubuntu localhost:5000/ubuntu # 更改镜像名称
[anliven@anliven ~]$ docker images |grep ubuntu
ubuntu latest 4e2eef94cd6b 7 months ago 73.9MB
localhost:5000/ubuntu latest 4e2eef94cd6b 7 months ago 73.9MB
[anliven@anliven ~]$
[anliven@anliven ~]$ docker push localhost:5000/ubuntu # 推送镜像到本地注册中心
The push refers to repository [localhost:5000/ubuntu]
a4399aeb9a0e: Pushed
35a91a75d24b: Pushed
ad44aa179b33: Pushed
2ce3c188c38d: Pushed
latest: digest: sha256:6f2fb2f9fb5582f8b587837afd6ea8f37d8d1d9e41168c90f410a6ef15fa8ce5 size: 1152
[anliven@anliven ~]$
[anliven@anliven ~]$ docker images |grep ubuntu
ubuntu latest 4e2eef94cd6b 7 months ago 73.9MB
localhost:5000/ubuntu latest 4e2eef94cd6b 7 months ago 73.9MB
[anliven@anliven ~]$
[anliven@anliven ~]$ curl localhost:5000/v2/_catalog # 查看本地registry的镜像
{"repositories":["ubuntu"]}
[anliven@anliven ~]$
[anliven@anliven ~]$ curl localhost:5000/v2/ubuntu/tags/list # 查看本地registry中镜像的详细信息
{"name":"ubuntu","tags":["latest"]}
[anliven@anliven ~]$
[anliven@anliven ~]$ curl 192.168.56.102:5000/v2/ubuntu/tags/list
{"name":"ubuntu","tags":["latest"]}
anliven@anliven ~]$
[anliven@anliven ~]$ tree -L 3 /local-registry/docker/registry/v2/repositories/ubuntu/
/local-registry/docker/registry/v2/repositories/ubuntu/
├── _layers
│ └── sha256
│ ├── 46d371e02073acecf750a166495a63358517af793de739a51b680c973fae8fb9
│ ├── 4e2eef94cd6b93dd4d794c18b45c763f72edc22858e0da5b6e63a4566a54c03c
│ ├── 54ee1f796a1e650627269605cb8e6a596b77b324e6f0a1e4443dc41def0e58a6
│ ├── b66c17bbf772fa072c280b10fe87bc999420042b5fce5b111db38b4fe7c40b49
│ └── f7bfea53ad120b47cea5488f0b8331e737a97b33003517b0bd05e83925b578f0
├── _manifests
│ ├── revisions
│ │ └── sha256
│ └── tags
│ └── latest
└── _uploads
13 directories, 0 files
[anliven@anliven ~]$
4 - 拉取本地注册中心(registry)中的镜像
[anliven@anliven ~]$ cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://t5t8q6wn.mirror.aliyuncs.com"]
}
[anliven@anliven ~]$
[anliven@anliven ~]$ sudo vim /etc/docker/daemon.json # 增加insecure-registries
[anliven@anliven ~]$ cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://t5t8q6wn.mirror.aliyuncs.com"],"insecure-registries": ["192.168.56.102:5000"]
}
[anliven@anliven ~]$
[anliven@anliven ~]$ sudo systemctl daemon-reload
[anliven@anliven ~]$ sudo systemctl restart docker
[anliven@anliven ~]$
[anliven@anliven ~]$ docker pull 192.168.56.102:5000/ubuntu
Using default tag: latest
latest: Pulling from ubuntu
Digest: sha256:6f2fb2f9fb5582f8b587837afd6ea8f37d8d1d9e41168c90f410a6ef15fa8ce5
Status: Downloaded newer image for 192.168.56.102:5000/ubuntu:latest
192.168.56.102:5000/ubuntu:latest
[anliven@anliven ~]$
[anliven@anliven ~]$ docker images |grep ubuntu
ubuntu latest 4e2eef94cd6b 7 months ago 73.9MB
localhost:5000/ubuntu latest 4e2eef94cd6b 7 months ago 73.9MB
192.168.56.102:5000/ubuntu latest 4e2eef94cd6b 7 months ago 73.9MB
[anliven@anliven ~]$
5 - 在其他主机拉取本地注册中心(registry)中的镜像
anliven@anliven:~$ lsb_release -a # 系统版本
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 18.04.3 LTS
Release: 18.04
Codename: bionic
anliven@anliven:~$
anliven@anliven:~$ ip addr show |grep "192.168.56" # 主机地址
inet 192.168.56.101/24 brd 192.168.56.255 scope global dynamic noprefixroute enp0s8
anliven@anliven:~$
anliven@anliven:~$ sudo vim /etc/docker/daemon.json # 增加insecure-registries
anliven@anliven:~$ cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://t5t8q6wn.mirror.aliyuncs.com"],"insecure-registries": ["192.168.56.102:5000"]
}
anliven@anliven:~$ sudo systemctl daemon-reload
anliven@anliven:~$ sudo systemctl restart docker
anliven@anliven:~$
anliven@anliven:~$ curl 192.168.56.102:5000/v2/_catalog
{"repositories":["ubuntu"]}
anliven@anliven:~$
anliven@anliven:~$ docker pull 192.168.56.102:5000/ubuntu # 拉取本地注册中心(registry)中的镜像
Using default tag: latest
latest: Pulling from ubuntu
54ee1f796a1e: Pull complete
f7bfea53ad12: Pull complete
46d371e02073: Pull complete
b66c17bbf772: Pull complete
Digest: sha256:6f2fb2f9fb5582f8b587837afd6ea8f37d8d1d9e41168c90f410a6ef15fa8ce5
Status: Downloaded newer image for 192.168.56.102:5000/ubuntu:latest
192.168.56.102:5000/ubuntu:latest
anliven@anliven:~$
anliven@anliven:~$ docker images |grep ubuntu
192.168.56.102:5000/ubuntu latest 4e2eef94cd6b 7 months ago 73.9MB
anliven@anliven:~$
问题处理: "http: server gave HTTP response to HTTPS client"
问题现象
[anliven@anliven ~]$ docker pull 192.168.56.102:5000/ubuntu
Using default tag: latest
Error response from daemon: Get https://192.168.56.102:5000/v2/: http: server gave HTTP response to HTTPS client
[anliven@anliven ~]$
处理方法
[anliven@anliven ~]$ cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://t5t8q6wn.mirror.aliyuncs.com"]
}
[anliven@anliven ~]$
[anliven@anliven ~]$ sudo vim /etc/docker/daemon.json # 增加insecure-registries
[anliven@anliven ~]$ cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://t5t8q6wn.mirror.aliyuncs.com"],"insecure-registries": ["192.168.56.102:5000"]
}
[anliven@anliven ~]$