zoukankan      html  css  js  c++  java

  • Docker:私有仓库registry [十一]

    一、运行docker私有仓库

    安装registry

    docker run -d -p 5000:5000 --restart=always --name registry -v /opt/myregistry:/var/lib/registry registry

    当容器启动完成,私有仓库就可以使用了

    二、上传到私有仓库的步骤:

    1、给要上传的镜像打tag

    [root@luoahong ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
httpd               latest              ef1dc54703e2        2 weeks ago         132

    [root@luoahong ~]# docker image tag httpd:latest 192.168.228.134:5000/httpd:latest

    2、上传

    [root@luoahong ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
httpd               latest              ef1dc54703e2        2 weeks ago         132MB
[root@luoahong ~]# docker push 192.168.228.134:5000/httpd:latest
The push refers to repository [192.168.228.134:5000/httpd]
Get https://192.168.228.134:5000/v2/: http: server gave HTTP response to HTTPS client

    3、报错解决方法

    [root@luoahong ~]# vim /etc/docker/daemon.json
{
  "registry-mirrors": ["https://registry.docker-cn.com"],
  "insecure-registries": ["192.168.228.134:5000"]
}

[root@luoahong ~]# systemctl restart docker
[root@luoahong ~]# docker push 192.168.228.134:5000/httpd:latest
The push refers to repository [192.168.228.134:5000/httpd]
64446057e402: Pushed
13a694db88ed: Pushed
3fc0ec65884c: Pushed
30d0b099e805: Pushed
7b4e562e58dc: Pushed
latest: digest: sha256:246fed9aa9be7aaba1e04d9146be7a3776c9a40b5cfb3242d3427f79edee37db size: 1367
[root@luoahong ~]# docker images
REPOSITORY                   TAG                 IMAGE ID            CREATED             SIZE
httpd                        latest              ef1dc54703e2        2 weeks ago         132MB
192.168.228.134:5000/httpd   latest              ef1dc54703e2        2 weeks ago         132MB

    三、上传原理推导

    1、客户端

    [root@luoahong ~]# docker pull fedora:latest
latest: Pulling from library/fedora
d0483bd5a554: Pull complete
Digest: sha256:4a861283a7f0a8ce3d19b42f4c0a10d7012a4d12f785149d82a0800cdb4498b0
Status: Downloaded newer image for fedora:latest
[root@luoahong ~]# docker image tag  fedora:latest 192.168.228.134:5000/fedora:latest
[root@luoahong ~]# docker push 192.168.228.134:5000/fedora:latest
The push refers to repository [192.168.228.134:5000/fedora]
a13f3c019d29: Pushed
latest: digest: sha256:f6d888e4caccb101aa540013d46089803f84f2b41b7ce70ef6b42e1ff4b33254 size: 529

    2、私有仓库

    没有推送fedora之前

    [root@luoahong1 ~]# cd /opt/myregistry/docker/registry/v2/repositories/
[root@luoahong1 repositories]# ls
centos  httpd
[root@luoahong1 repositories]# pwd
/opt/myregistry/docker/registry/v2/repositories
[root@luoahong1 repositories]# tree httpd/_manifests/
httpd/_manifests/
├── revisions
│   └── sha256
│       └── 246fed9aa9be7aaba1e04d9146be7a3776c9a40b5cfb3242d3427f79edee37db
│           └── link
└── tags
    └── latest
        ├── current
        │   └── link
        └── index
            └── sha256
                └── 246fed9aa9be7aaba1e04d9146be7a3776c9a40b5cfb3242d3427f79edee37db
                    └── link

     推送fedora之后

    [root@luoahong1 repositories]# ls
centos  fedora  httpd
[root@luoahong1 repositories]# pwd
/opt/myregistry/docker/registry/v2/repositories 

    四、带base认证的私有仓库

    0、没有带base认证前

    [root@luoahong ~]# docker images
REPOSITORY                    TAG                 IMAGE ID            CREATED             SIZE
192.168.228.134:5000/httpd    latest              ef1dc54703e2        2 weeks ago         132MB
httpd                         latest              ef1dc54703e2        2 weeks ago         132MB
centos                        latest              1e1148e4cc2c        6 weeks ago         202MB
192.168.228.134:5000/fedora   latest              8c568f104326        2 months ago        267MB
fedora                        latest              8c568f104326        2 months ago        267MB
centos                        6.8                 e54faac158ff        3 months ago        195MB
centos                        6.9                 e88c611d16a0        3 months ago        195MB
192.168.228.134:5000/centos   6.9                 e88c611d16a0        3 months ago        195MB
[root@luoahong ~]# docker rmi centos:6.9 192.168.228.134:5000/centos:6.9
Untagged: centos:6.9
Untagged: centos@sha256:48623f1cc1ff287ef4843888bcee22285066adf2d5da6daf000070bee83cd93a
Untagged: 192.168.228.134:5000/centos:6.9
Untagged: 192.168.228.134:5000/centos@sha256:29b4ae1d59c681e6e8bb6f8eff1ec9f1c18cd24ae23b7d612e3a38c27a44f92f
Deleted: sha256:e88c611d16a001c1494b11a55bc25c0e9d63e67444d754d01f0ffa7de92a15c7

[root@luoahong ~]# docker pull 192.168.228.134:5000/centos:6.9
Error response from daemon: Get http://192.168.228.134:5000/v2/centos/manifests/6.9: no basic auth credentials

    1、base认证密码文件准备

    yum install httpd-tools -y
mkdir /opt/registry-var/auth/ -p
htpasswd -Bbn luoahong 123456 >> /opt/registry-var/auth/htpasswd

    2、启动docker私有仓库

    docker run -d -p 5000:5000 -v /opt/registry-var/auth/:/auth/ -v /opt/myregistry:/var/lib/registry -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd registry

    3、测试下载

    [root@luoahong ~]# docker pull 192.168.228.134:5000/centos:6.9
Error response from daemon: Get http://192.168.228.134:5000/v2/centos/manifests/6.9: no basic auth credentials
[root@luoahong ~]#
[root@luoahong ~]# docker login 192.168.228.134:5000
Username: luoahong
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
[root@luoahong ~]# cat /root/.docker/config.json
{
	"auths": {
		"192.168.228.134:5000": {
			"auth": "bHVvYWhvbmc6MTIzNDU2"
		}
	},
	"HttpHeaders": {
		"User-Agent": "Docker-Client/18.09.1 (linux)"
	}
}[root@luoahong ~]#docker pull 192.168.228.134:5000/centos:6.9
6.9: Pulling from centos
993c50d47469: Pull complete
Digest: sha256:29b4ae1d59c681e6e8bb6f8eff1ec9f1c18cd24ae23b7d612e3a38c27a44f92f
Status: Downloaded newer image for 192.168.228.134:5000/centos:6.9
[root@luoahong ~]# docker images
REPOSITORY                    TAG                 IMAGE ID            CREATED             SIZE
192.168.228.134:5000/httpd    latest              ef1dc54703e2        2 weeks ago         132MB
httpd                         latest              ef1dc54703e2        2 weeks ago         132MB
centos                        latest              1e1148e4cc2c        6 weeks ago         202MB
192.168.228.134:5000/fedora   latest              8c568f104326        2 months ago        267MB
fedora                        latest              8c568f104326        2 months ago        267MB
centos                        6.8                 e54faac158ff        3 months ago        195MB
192.168.228.134:5000/centos   6.9                 e88c611d16a0        3 months ago        195MB

    4、私有仓库的缺点

    私有仓库查看版本很麻烦

    [root@luoahong1 repositories]# ls httpd/_manifests/tags/
latest
[root@luoahong1 repositories]# pwd
/opt/myregistry/docker/registry/v2/repositories

    四、私有仓库缺点解决方案

    1、查看镜像列表

    使用浏览器访问:

    http://192.168.228.134:5000/v2/_catalog

    2、查看镜像列表

    下面我已nginx为例

    http://192.168.228.134:5000/v2/nginx/tags/list

    3、删除镜像

    1)进入docker registry的容器中

    docker exec -it registry /bin/sh

    2) 删除repo

    rm -fr /var/lib/registry/docker/registry/v2/repositories/nginx

    3) 清除掉:blob

    registry garbage-collect /etc/docker/registry/config.yml

    https://www.qstack.com.cn/archives/350.html
  • 相关阅读:
    第07组 Beta冲刺(1/5)
    软工实践个人总结
    SDN大作业
    第08组 Beta版本演示
    2019 SDN上机第7次作业
    第08组 Beta冲刺(5/5)
    第08组 Beta冲刺(4/5)
    第08组 Beta冲刺(3/5)
    第08组 Beta冲刺(2/5)
    2019 SDN上机第6次作业
  • 原文地址:https://www.cnblogs.com/luoahong/p/10284186.html
Copyright © 2011-2022 走看看