版权声明:本文为博主原创文章,转载请指明地址。 https://blog.csdn.net/Mr_rsq/article/details/84847659
docker-distribution
- Registry用于保存docker镜像,包括镜像的层次结构和元数据
- 用户可自建Registry,也可使用官方的Docker Hub
分类:
- Sponsor Registry: 第三方的registry,供客户和Docker社区使用
- Mirror Registry: 第三方的registry,只让客户使用
- Vendor Registry: 由发布Docker镜像的供应商提供registry
- Private Registry: 通过设有防火墙和额外的安全层的私有实体提供的registry
本地部署私有registry,yum安装docker-registry,会安装docker-distribution包
[root@docker-node2 ~]# yum install docker-registry -y
[root@docker-node2 ~]# rpm -qa docker-distribution
docker-distribution-2.6.2-2.git48294d9.el7.x86_64
[root@docker-node2 ~]# rpm -ql docker-distribution
/etc/docker-distribution/registry/config.yml
/usr/bin/registry
/usr/lib/systemd/system/docker-distribution.service # 服务脚本
/usr/share/doc/docker-distribution-2.6.2
/usr/share/doc/docker-distribution-2.6.2/AUTHORS
/usr/share/doc/docker-distribution-2.6.2/CONTRIBUTING.md
/usr/share/doc/docker-distribution-2.6.2/LICENSE
/usr/share/doc/docker-distribution-2.6.2/MAINTAINERS
/usr/share/doc/docker-distribution-2.6.2/README.md
/var/lib/registry # 镜像存放位置
[root@docker-node2 ~]# cd /etc/docker-distribution/registry/
[root@docker-node2 registry]# ls
config.yml
[root@docker-node2 registry]# cat config.yml
version: 0.1
log:
fields:
service: registry
storage:
cache:
layerinfo: inmemory # 缓存在内存
filesystem:
rootdirectory: /var/lib/registry # 镜像仓库本地位置
http:
addr: :5000 # 默认端口
# 启动服务
[root@docker-node2 ~]# systemctl start docker-distribution
[root@docker-node2 ~]# ss -tnl | grep 5000
LISTEN 0 128 :::5000 :::*
# 把docker-node1中做的镜像PUSH到docker-node2仓库中,先把镜像打标签
[root@docker-node1 ~]# docker tag rsqhttpd:v0.3-6 node2.docker.com:5000/rsqhttpd:v0.3-6
[root@docker-node1 ~]# docker images
# 此时如果直接PUSH到本地仓库会报错
# 因为默认本地仓库支持的是http,而客户端支持的是https,所以要把本地安全保护给修改下
[root@docker-node1 ~]# docker push node2.docker.com:5000/rsqhttpd:v0.3-6
The push refers to repository [node2.docker.com:5000/rsqhttpd]
Get https://node2.docker.com:5000/v2/: http: server gave HTTP response to HTTPS client
[root@docker-node1 ~]# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://3po4uu60.mirror.aliyuncs.com","https://registry.docker-cn.com"],
"insecure-registries": ["node2.docker.com:5000"] # 内网要做hosts解析
}
[root@docker-node1 ~]# vim /etc/hosts
10.0.0.102 node2.docker.com
[root@docker-node1 ~]# systemctl restart docker # 重启docker
# 再次PUSH
[root@docker-node1 ~]# docker push node2.docker.com:5000/rsqhttpd
The push refers to repository [node2.docker.com:5000/rsqhttpd]
e0e59e63950f: Pushed
799a06476d07: Pushed
9a07ffbe3d7d: Pushed
955e7d7f7300: Pushed
95bb4e754f2d: Pushed
ebf12965380b: Pushed
v0.3-6: digest: sha256:01d88616d5417b2a791fd91630e1d69f6abdb7ae2fbf5f53f42e658a574421e5 size: 1568
# 去node2查看
[root@docker-node2 ~]# cd /var/lib/registry/docker/registry/v2/repositories/
[root@docker-node2 repositories]# ll
total 0
drwxr-xr-x. 5 root root 55 Nov 26 10:31 rsqhttpd
# 若有docker想push或者pull镜像,则都需要修改/etc/docker/daemon.json文件,把registry标记为非安全的registry
vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://3po4uu60.mirror.aliyuncs.com","https://registry.docker-cn.com"],
"insecure-registries": ["node2.docker.com:5000"] # 内网要做hosts解析
}
END!