搭建docker私有仓库

[root@localhost ~]# docker pull registry
[root@localhost ~]# cat /opt/registry/config.yml     #registry容器中/etc/docker/registry/目录下有该文件，增加删除私有仓库镜像功能

version: 0.1
log:
 fields:
 service: registry
storage:
 delete:
  enabled: true
 cache:
  blobdescriptor: inmemory
 filesystem:
  rootdirectory: /var/lib/registry
http:
 addr: :5000
 headers:
  X-Content-Type-Options: [nosniff]
health:
 storagedriver:
 enabled: true
 interval: 10s
 threshold: 3

[root@localhost ~]# docker run -d -p 5000:5000 --privileged=true -v /opt/registry:/var/lib/registry -v /opt/registry/config.yml:/etc/docker/registry/config.yml --name registry registry
# -v /opt/registry表示的宿主机中的registry目录，没有该目录会自动创建，/var/lib/registry表示容器内部的registry目录
[root@localhost ~]# docker exec -it [CONTAINER ID] sh    #进入registry容器
[root@localhost ~]# docker tag centos:610 10.10.80.10:5000/centos610
[root@localhost ~]# docker push 10.10.80.10:5000/centos610
The push refers to repository [10.10.80.10/centos610]
Get https://10.10.80.10/v2/: dial tcp 10.10.80.10:443: getsockopt: connection refused
[root@localhost ~]# vim /usr/lib/systemd/system/docker.service

[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd --insecure-registry 10.10.80.10:5000

[root@localhost ~]# systemctl daemon-reload
[root@localhost ~]# systemctl restart docker.service
查询上传镜像的sha256的值(api方式)
[root@localhost ~]# curl --header "Accept: application/vnd.docker.distribution.manifest.v2+json" -I -X HEAD http://10.10.80.10:5000/v2/centos610/manifests/latest
查询上传镜像的sha256的值(进入镜像文件目录)
[root@localhost ~]# ll /opt/registry/docker/registry/v2/repositories/centos610/_manifests/revisions/sha256

total 0
drwxr-xr-x 2 root root 6 Jul  9 15:03 4c1f1ca8236a47428999a4e0730a714a07c6a4594b61c73e8f24c493fe8b3625

删除私有仓库镜像
[root@localhost ~]# curl -v -X DELETE http://10.10.80.10:5000/v2/centos610/manifests/sha256:4c1f1ca8236a47428999a4e0730a714a07c6a4594b61c73e8f24c493fe8b3625
登陆registry容器执行registry命令(垃圾回收)
[root@localhost ~]# docker exec -it 811f7a36ffd1 sh
/ # registry garbage-collect /etc/docker/registry/config.yml

参考链接：
      https://www.cnblogs.com/Tempted/p/7768694.html
      https://www.cnblogs.com/huanchupkblog/p/10843800.html
      https://www.cnblogs.com/maohai-kdg/p/13677650.html
      https://blog.csdn.net/weixin_43467082/article/details/86062949
      https://www.cnblogs.com/lkun/p/7990466.html
      https://www.linuxidc.com/Linux/2020-04/163009.htm
      https://www.jianshu.com/p/b93feaf43f37
      http://www.louisvv.com/archives/1130.html
      https://www.cnblogs.com/andy9468/p/10737228.html #Docker私有仓库搭建(加密和用户验证)
      https://blog.csdn.net/zsd498537806/article/details/79290732
      https://github.com/goharbor/harbor/releases    #harbor私有仓库
      https://www.cnblogs.com/wxwgk/p/13287336.html   #harbor搭建