zoukankan      html  css  js  c++  java
  • docker私有仓库操作(搭建、运行、添加、删除)

    参考:https://yeasy.gitbooks.io/docker_practice/content/repository/registry.html

    运行私有仓库

    直接用docker的方式运行registry镜像省了搭建步骤

    $ docker run -d 
        -p 5000:5000 
        -v /opt/data/registry:/var/lib/registry 
        registry
    

    TIPS:

    数据目录和库文件目录可以自己设置,甚至可以给私有仓库取名字,如下:

    $ docker run -d -p 5000:5000 --privileged=true -v /home/.registry/data:/home/.registry/lib  --restart=always --name pirvi_registry registry
    

    指定了名字之后,如果想重启,可以使用命令:

    $ docker restart pirvi_registry
    

    如果是执行run的话相当于启动了一个新的容器,容器ID就会变,如果还是使用刚才的参数并且--name相同,那么会报如下错误:

    docker: Error response from daemon: Conflict. The container name "/pirvi_registry" is already in use by container "194a22f33b1af366f036cc7691a1d1d918e55150bbc170e8e8fd171e52f0f273". You have to remove (or rename) that container to be able to reuse that name.
    

    因此如果要重新启动容器请使用docker restart [name]命令。


    上传

    把镜像放入私有仓库

    $ docker image ls
    REPOSITORY                        TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
    ubuntu                            latest              ba5877dc9bec        6 weeks ago         192.7 MB
    $ docker tag ubuntu:latest 127.0.0.1:5000/ubuntu:latest
    $ docker image ls
    REPOSITORY                        TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
    ubuntu                            latest              ba5877dc9bec        6 weeks ago         192.7 MB
    127.0.0.1:5000/ubuntu:latest      latest              ba5877dc9bec        6 weeks ago         192.7 MB
    

    验证

    $ docker image rm 127.0.0.1:5000/ubuntu:latest
    
    $ docker pull 127.0.0.1:5000/ubuntu:latest
    Pulling repository 127.0.0.1:5000/ubuntu:latest
    ba5877dc9bec: Download complete
    511136ea3c5a: Download complete
    9bad880da3d2: Download complete
    25f11f5fb0cb: Download complete
    ebc34468f71d: Download complete
    2318d26665ef: Download complete
    
    $ docker image ls
    REPOSITORY                         TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
    127.0.0.1:5000/ubuntu:latest       latest              ba5877dc9bec        6 weeks ago         192.7 MB
    

    查看

    查看私有仓库中的镜像

    $ curl 127.0.0.1:5000/v2/_catalog
    {"repositories":["ubuntu","nginx"]}
    

    查看具体的某个镜像的版本

    [root@kub2 ~]# curl 127.0.0.1:5000/v2/nginx/tags/list
    {"name":"nginx","tags":["1.7.9"]}
    

    有人写了现成的脚本:查看仓库镜像脚本

    查看某个镜像的sha256值:

    curl -v --silent "127.0.0.1:5000/v2/nginx/manifests/1.7.9" 2>&1 | grep Docker-Content-Digest | awk '{print ($3)}'
    

    删除私有仓库的镜像

    $ curl -I -X DELETE http://127.0.0.1:5000/v2/fbgweb/manifests/sha256:6a67ba482a8dd4f8143ac96b1dcffa5e45af95b8d3e37aeba72401a5afd7ab8e
    

    TIPS:

    这里需要注意:
    1 这里的删除镜像只是删除了一些元数据,需要执行下面的垃圾回收才能真正地从硬盘上删除镜像数据。
    2 因为缺省Docker private registry不允许删除镜像,如果遇到“405 Unsupported” 错误,需要在运行registry容器时设置REGISTRY_STORAGE_DELETE_ENABLED环境变量或参数为true。
    错误信息如下:

    HTTP/1.1 405 Method Not Allowed
    Content-Type: application/json; charset=utf-8
    Docker-Distribution-Api-Version: registry/2.0
    X-Content-Type-Options: nosniff
    Date: Wed, 28 Aug 2019 07:31:34 GMT
    Content-Length: 78
    
    

    docker-compose.yaml 例子:

     environment:
        REGISTRY_STORAGE_DELETE_ENABLED: "true"
    

    docker run 例子:

    -e REGISTRY_STORAGE_DELETE_ENABLED="true"
    

    另外, 要删除的镜像的sha256也可以从docker pull该镜像之后的打印中获得:

    $ docker push 127.0.0.1:5000/radial/busyboxplus:curl
    The push refers to repository [127.0.0.1:5000/radial/busyboxplus]
    5f70bf18a086: Mounted from nginx 
    430380561a4f: Pushed 
    165264a81ac2: Pushed 
    curl: digest: sha256:ef538eae80f40015736f1ee308d74b4f38f74e978c65522ce64abdf8c8c5e0d6 size: 1765
    

    垃圾回收

    查看私有仓库的容器

    $ docker ps
    CONTAINER ID        IMAGE                  COMMAND                  CREATED             STATUS              PORTS                    NAMES
    194a22f33b1a        registry               "/entrypoint.sh /etc…"   4 days ago          Up 4 days           0.0.0.0:5000->5000/tcp   pirvi_registry                                 
    

    用tty登录到容器

    $ docker exec -it 194a22f33b1a /bin/sh
    

    执行垃圾回收命令

    ~ # registry garbage-collect /etc/docker/registry/config.yml 
    31 blobs marked, 5 blobs eligible for deletion
    blob eligible for deletion: sha256:5e7cf06c8745d0985f94191c60aad8b87371c8a674162525bff0efccdb805931
    INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/5e/5e7cf06c8745d0985f94191c60aad8b87371c8a674162525bff0efccdb805931  go.version=go1.7.6 instance.id=c38f4c35-9914-4b77-a59f-ea584137fae0
    ...
    

    问题排查

    1. push到127.0.0.1:500/XXX没有问题,但是别的服务器push到私服报错:“The push refers to repository [192.168.15.175:5000/centos]
      Get https://192.168.15.175:5000/v2/: http: server gave HTTP response to HTTPS client”
      解决办法:
      在/etc/docker/daemon.json文件中添加" "insecure-registries": ["192.168.15.175:5000"]"一句
    {
      ......
      "insecure-registries": ["192.168.15.175:5000"],
     ......
    }
    

    然后重启docker

    $ systemctl restart docker.service
    
  • 相关阅读:
    Elasticsearch核心技术与实战-学习笔记
    在ABP中灵活使用AutoMapper
    使用log4net记录ABP日志
    Abp小知识-如何全局设置DontWrapResult属性
    《C#并发编程经典实例》学习笔记—2.7 避免上下文延续
    NEST 6.X升级到7.X
    django框架——十
    django——自定义分页
    django框架九
    orm数据库查询优化和数据库三大设计范式
  • 原文地址:https://www.cnblogs.com/bugutian/p/11387840.html
Copyright © 2011-2022 走看看