docker 实践(五)公共仓库及私有仓库
一、docker仓库说明Docker registries 可以上传和下载image,有共有和私有两种。共有就是Docker Hub,私有就是自建一个仓库使用。
二、docker hub使用
2.1.注册用户
注册地址:https://hub.docker.com
2.2.登陆上传镜像
2.2.1.查看镜像
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx-centos latest d6f680e9e2f5 3 hours ago 442MB
cent-ckl-http latest d3ec54e41d03 2 days ago 443MB
centos-ckl-ng latest 248da05fb49e 2 days ago 333MB
centos-vim latest 82fd472e3387 2 days ago 327MB
cent-vim latest 4659d1ec001d 2 days ago 225MB
centos latest 1e1148e4cc2c 11 days ago 202MB
nginx latest 568c4670fa80 2 weeks ago 109MB
ubuntu latest 93fd78260bd1 3 weeks ago 86.2MB
busybox latest 59788edf1f3e 2 months ago 1.15MB 2.2.2.上传之前自定义的镜像
命令补全:yum install bash-completion
登陆docker hub:
# docker login
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.
Username: ckl
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded 为镜像打tag,为了区分不同的用户镜像,docker hub使用 '用户名/镜像名' 的格式,否则上传失败:
# docker push nginx-centos
The push refers to repository
910b14919137: Preparing
64f9c904f716: Preparing
e7ae32451785: Preparing
25a6d58a35a2: Preparing
0d57e2a37c8a: Preparing
071d8bd76517: Waiting
denied: requested access to the resource is denied 打镜像tag:
docker tag nginx-centos ckl893/nginx-centos 上传镜像:
# docker push ckl893/nginx-centos
The push refers to repository
910b14919137: Pushed
64f9c904f716: Pushed
e7ae32451785: Pushed
25a6d58a35a2: Pushed
0d57e2a37c8a: Pushed
071d8bd76517: Pushed
latest: digest: sha256:52ae885b133c966a059bcb9cf8031dd264c75c0ad5f4d08a8599aad6dcb85952 size: 1577 2.2.3.删除本地镜像,下载上传的镜像
删除本地镜像:
docker rmi d6f680e9e2f5# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
cent-ckl-http latest d3ec54e41d03 2 days ago 443MB
centos-ckl-ng latest 248da05fb49e 2 days ago 333MB
centos-vim latest 82fd472e3387 2 days ago 327MB
cent-vim latest 4659d1ec001d 3 days ago 225MB
centos latest 1e1148e4cc2c 11 days ago 202MB
nginx latest 568c4670fa80 2 weeks ago 109MB
ubuntu latest 93fd78260bd1 3 weeks ago 86.2MB
busybox latest 59788edf1f3e 2 months ago 1.15MB 下载已经上传的镜像:
docker pull ckl893/nginx-centos
Using default tag: latest
latest: Pulling from ckl893/nginx-centos
a02a4930cb5d: Already exists
b4294eb07bed: Pull complete
b81c82ea9ee0: Pull complete
d505886c9b92: Pull complete
56a178b649f6: Pull complete
7653590c7334: Pull complete
Digest: sha256:52ae885b133c966a059bcb9cf8031dd264c75c0ad5f4d08a8599aad6dcb85952
Status: Downloaded newer image for ckl893/nginx-centos:latest# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ckl893/nginx-centos latest d6f680e9e2f5 5 hours ago 442MB
cent-ckl-http latest d3ec54e41d03 2 days ago 443MB
centos-ckl-ng latest 248da05fb49e 2 days ago 333MB
centos-vim latest 82fd472e3387 2 days ago 327MB
cent-vim latest 4659d1ec001d 3 days ago 225MB
centos latest 1e1148e4cc2c 11 days ago 202MB
nginx latest 568c4670fa80 2 weeks ago 109MB
ubuntu latest 93fd78260bd1 3 weeks ago 86.2MB
busybox latest 59788edf1f3e 2 months ago 1.15MB 三、私有仓库(本地仓库)
3.1.下载registry镜像
# docker search registry
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
registry The Docker Registry 2.0 implementation for s… 2363
konradkleine/docker-registry-frontend Browse and modify your Docker registry in a … 211
hyper/docker-registry-web Web UI, authentication service and event rec… 156
atcol/docker-registry-ui A web UI for easy private/local Docker Regis… 111
distribution/registry WARNING: NOT the registry official image!!! … 56
....# docker pull registry
Using default tag: latest
latest: Pulling from library/registry
d6a5679aa3cf: Pull complete
ad0eac849f8f: Pull complete
2261ba058a15: Pull complete
f296fda86f10: Pull complete
bcd4a541795b: Pull complete
Digest: sha256:5a156ff125e5a12ac7fdec2b90b7e2ae5120fa249cf62248337b6d04abc574c8
Status: Downloaded newer image for registry:latest 3.2.搭建本地仓库
3.2.1.搭建仓库
# docker run -d -v /home/ckl/registry:/var/lib/registry -p 5000:5000 --restart=always --privileged=true --name ckl-registry registry:latest
-v /home/ckl/registry:/var/lib/registry 默认情况下,会将仓库存放于容器内的/var/lib/registry目录下,指定本地目录挂载到容器。
-p 5000:5000 端口映射
--restart=always1 在容器退出时总是重启容器,主要应用在生产环境
--privileged=true 在CentOS7中的安全模块selinux把权限禁掉了,参数给容器加特权,不加上传镜像会报权限错误OSError: Permission denied: ‘/tmp/registry/repositories/liibrary’)或者(Received unexpected HTTP status: 500 Internal Server Error)错误
--name ckl-registry 指定容器的名称
COMMAND_FAILED: '/sbin/iptables -t nat -A DOCKER -p tcp -d 0/0 --dport 8111 -j DNAT --to-destination 172.17.0.6:8111 ! -i docker0' failed: iptables: No chain/target/match by that name. 解决:
pkill docker
iptables -t nat -F
ifconfig docker0 down
brctl delbr docker0
service docker restart 再次运行成功:
# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
37803352e3fa registry:latest "/entrypoint.sh /etc…" 4 seconds ago Up 2 seconds 0.0.0.0:5000->5000/tcp ckl-registry 3.2.2.为想上传的镜像打tag:
# docker tag cent-ckl-http 192.168.2.120:5000/cent-ckl-http#一定要带端口,不然,不知道传哪里 3.2.3.上传镜像到本地仓库:
# docker push 192.168.2.120:5000/cent-ckl-http
The push refers to repository
Get https://192.168.2.120:5000/v2/: dial tcp 192.168.2.120::5000: connect: connection refused 解决:
# vim /usr/lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd --insecure-registry 192.168.2.120:5000-H unix:// 重启docker:
# systemctl daemon-reload
# systemctl restart docker.service 再次上传成功:
# docker push 192.168.2.120:5000/cent-ckl-http
The push refers to repository
99bfa91f28fa: Pushed
dd54c57d2f82: Pushed
56a34fc853e9: Pushed
071d8bd76517: Pushed
latest: digest: sha256:70cf9a97343265e191054268245fd77b18c5da7a8fe66168702c96711ba4ef0e size: 1163 3.2.4.删除本地镜像测试
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ckl893/nginx-centos latest d6f680e9e2f5 6 hours ago 442MB
192.168.2.120:5000/cent-ckl-http latest d3ec54e41d03 2 days ago 443MB
cent-ckl-http latest d3ec54e41d03 2 days ago 443MB
centos-ckl-ng latest 248da05fb49e 3 days ago 333MB
centos-vim latest 82fd472e3387 3 days ago 327MB
cent-vim latest 4659d1ec001d 3 days ago 225MB
centos latest 1e1148e4cc2c 11 days ago 202MB
nginx latest 568c4670fa80 2 weeks ago 109MB
ubuntu latest 93fd78260bd1 3 weeks ago 86.2MB
busybox latest 59788edf1f3e 2 months ago 1.15MB
registry latest 2e2f252f3c88 3 months ago 33.3MB 删除本地镜像:
# docker rmi 192.168.2.120:5000/cent-ckl-http
Untagged: 192.168.2.120:5000/cent-ckl-http:latest
Untagged: 192.168.2.120:5000/cent-ckl-http@sha256:70cf9a97343265e191054268245fd77b18c5da7a8fe66168702c96711ba4ef0e# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ckl893/nginx-centos latest d6f680e9e2f5 6 hours ago 442MB
cent-ckl-http latest d3ec54e41d03 2 days ago 443MB
centos-ckl-ng latest 248da05fb49e 3 days ago 333MB
centos-vim latest 82fd472e3387 3 days ago 327MB
cent-vim latest 4659d1ec001d 3 days ago 225MB
centos latest 1e1148e4cc2c 11 days ago 202MB
nginx latest 568c4670fa80 2 weeks ago 109MB
ubuntu latest 93fd78260bd1 3 weeks ago 86.2MB
busybox latest 59788edf1f3e 2 months ago 1.15MB
registry latest 2e2f252f3c88 3 months ago 33.3MB 从本地仓库拉取镜像:
# docker pull 192.168.2.120:5000/cent-ckl-http
Using default tag: latest
latest: Pulling from cent-ckl-http
Digest: sha256:70cf9a97343265e191054268245fd77b18c5da7a8fe66168702c96711ba4ef0e
Status: Downloaded newer image for 192.168.2.120:5000/cent-ckl-http:latest# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ckl893/nginx-centos latest d6f680e9e2f5 6 hours ago 442MB
192.168.2.120:5000/cent-ckl-http latest d3ec54e41d03 2 days ago 443MB
cent-ckl-http latest d3ec54e41d03 2 days ago 443MB
centos-ckl-ng latest 248da05fb49e 3 days ago 333MB
centos-vim latest 82fd472e3387 3 days ago 327MB
cent-vim latest 4659d1ec001d 3 days ago 225MB
centos latest 1e1148e4cc2c 11 days ago 202MB
nginx latest 568c4670fa80 2 weeks ago 109MB
ubuntu latest 93fd78260bd1 3 weeks ago 86.2MB
busybox latest 59788edf1f3e 2 months ago 1.15MB
registry latest 2e2f252f3c88 3 months ago 33.3MB 3.2.4.非本机上传镜像到私有registry
为镜像打tag:
# docker tag mysql:5.6 192.168.2.120:5000/mysql:5.6 上传镜像:
# docker push 192.168.2.120:5000/mysql:5.6
The push refers to a repository
Get https://192.168.2.120:5000/v1/_ping: http: server gave HTTP response to HTTPS client 解决:
# vim /etc/docker/key.json
{ "insecure-registries":["192.168.2.120:5000"] } 重启docker:
# systemctl restart docker.service 再次上传成功:
# docker push 192.168.2.120:5000/mysql:5.6
The push refers to a repository
119c93d6ccc5: Pushed
1dadbfda87dc: Pushed
89bb4ce949c4: Pushed
46ecad004d82: Pushed
dae415ebeca7: Pushed
3c392b9bb7a4: Pushed
2566141f200b: Pushed
0ad177796f33: Pushed
0f1205f1cd43: Pushed
a588c986cf97: Pushed
ef68f6734aa4: Pushed
5.6: digest: sha256:91651561a6bc037926b3ff5b1eed80d3c6c2a53064414b8e11a8d14317d5de56 size: 2621 4.仓库备份
仓库路径:/home/ckl/registry
# ls /home/ckl/registry/docker/registry/v2
blobsrepositories
# ls /home/ckl/registry/docker/registry/v2/repositories/
cent-ckl-httpmysql 备份仓库只需要备份:/home/ckl/registry 目录即可
谢谢分享
页:
[1]