以docker 方式安装
docker pull registry
1、创建文件夹,往文件中添加密码
[root@localhost ~]# cd /data/docker/auth [root@localhost /data/docker/auth]# echo "user:lulu passwd:123456" >htpasswd #格式转换 [root@localhost /data/docker/auth]# cd .. [root@localhost /data/docker]# docker run --entrypoint htpasswd registry:latest -Bbn lulu 123456 >auth/htpasswd [root@localhost /data/docker]# cat auth/htpasswd lulu:$2y$05$9lG7QFC/hSCj/s.c4769K.4mSsqWF5OwTPv2UP6.itFGlWCV/HwVS
2、运行容器
[root@localhost /data/docker]# cd /
[root@localhost ~]# docker run -d -p 5000:5000 --restart unless-stopped --privileged=true -v /data/docker/history:/data/registry -v `pwd`/data/docker/auth:/auth -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd registry
登录镜像仓库
[root@localhost /]# docker login 192.168.182.100:5000 Username: lulu Password: WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
查看私库中的镜像
curl -u username:password -XGET http://ip:port/v2/_catalog #无认证 curl -XGET http://192.168.182.100:5000/v2/_catalog #有认证 curl -u lulu:123456 -XGET http://192.168.182.100:5000/v2/_catalog
查看某一镜像的版本信息 访问方式为 http://ip:port/v2/镜像名字/tags/list
curl -u username:password -XGET http://ip:port/v2/镜像名字/tags/list #无认证 curl -XGET http://192.168.182.100:5000/v2/myserver/tags/list #有认证 curl -u lulu:123456 http://192.168.182.100:5000/v2/myserver/tags/list
删除镜像
删除镜像对应的API如下:
[root@master ~]# docker exec -it f70d0c79e6d546d4 sh DELETE /v2/<name>/manifests/<reference>
name:镜像名称
reference: 镜像对应sha256值
将镜像push到私库在其他节点 使用私库镜像时需要跟上对应的ip,端口和镜像在私库中的名字和版本
#修改标签 docker tag nginx 192.168.1.200:5000//myserver:v1 #push 上传 docker push 192.168.1.200:5000//myserver:v1
要使用非https的仓库,所有终端都需求配置一下
vi /etc/docker/daemon.json
没有配置加速器的
// 单个私服的写法 { "insecure-registries": ["registry的IP地址:端口号"] }
// 多个私服的写法 { "insecure-registries": ["registry1的IP地址:端口号","registry2的IP地址:端口号"] }
配置加速器的
// 单个私服的写法 { "registry-mirrors": [ "https://dockerhub.azk8s.cn", "https://reg-mirror.qiniu.com" ], "insecure-registries": ["registry的IP地址:端口号"] }
// 多个私服的写法 { "registry-mirrors": [ "https://dockerhub.azk8s.cn", "https://reg-mirror.qiniu.com" ], "insecure-registries": ["registry1的IP地址:端口号","registry2的IP地址:端口号"] }
修改完后 重置重启
systemctl daemon-reload systemctl restart docker