table of Contents
Explanation
Private warehouse steps to build a docker record
Introduction
docker image can be hosted in dockerhub, managed to github with the code base is a reason. But if we do not want to put dockerhub docker public image, the image in just want to share docker internal department or team, you can not be the same in terms gitlab build private warehouse it? The answer is yes, docker also supports image saved to a private warehouse. The following will verify docker native open source warehouse and private warehouse, and analyze its characteristics.
principle
Docker core of the model is effective use of layered mirrored mechanism, the mirror can be inherited by layering, on the base image, you can produce a variety of specific applications image. Docker different containers can share some basic file system layer, and together with their own unique change layer, greatly improving the efficiency of storage. Since the mirror is finally tar.gz manner static storage on the server side, this applies to objects stored in the storage block is stored instead.
A docker pull (ie, the user pulls the mirror from the client to the warehouse), interactions take place
- The client requests to the index ubuntu mirror Download
- Index Reply: warehouse A, ubuntu mirror checksum (Checksum) and all layers located Token ubuntu
- All layers (A warehouse responsible for storing ubuntu, and it depends layer) client requests to the repository A ubuntu
- A warehouse initiates a request to the index, verify the legitimacy of user Token
- The request is legitimate return index
- Client download all the layers from the warehouse, the warehouse get the actual file data from the back-end storage, back to the client
Set up
The direct use of yum
installationdocker-registry
[root@registory ~]# yum install docker-registry -y
[root@registory ~]# rpm -ql docker-distribution # 查看安装包详细信息
/etc/docker-distribution/registry/config.yml # 配置文件
/usr/bin/registry # 启动明命令
/usr/lib/systemd/system/docker-distribution.service # 服务启动脚本
/usr/share/doc/docker-distribution-2.6.2
/usr/share/doc/docker-distribution-2.6.2/AUTHORS
/usr/share/doc/docker-distribution-2.6.2/CONTRIBUTING.md
/usr/share/doc/docker-distribution-2.6.2/LICENSE
/usr/share/doc/docker-distribution-2.6.2/MAINTAINERS
/usr/share/doc/docker-distribution-2.6.2/README.md
/var/lib/registry # Docker 镜像存放的目录
View profile
[root@registory ~]# cat /etc/docker-distribution/registry/config.yml
version: 0.1
log:
fields:
service: registry # 服务名称
storage:
cache:
layerinfo: inmemory
filesystem:
rootdirectory: /var/lib/registry # 镜像存放目录,可以根据情况修改
http:
addr: :5000 # 端口,这里需要根据实际情况来修改为 80 或者 443
Here the first without modification, easy to install and use.
start up
[root@registory ~]# systemctl start docker-distribution
[root@registory ~]# ps aux|grep registry
root 20843 0.0 0.8 307476 17476 ? Ssl 13:31 0:00 /usr/bin/registry serve /etc/docker-distribution/registry/config.yml
Upload and download Mirror Test
Upload Mirror Test
Note : By default, docker using https upload and download, this is a port 5000, so the need to manually configure the look
[root@registory ~]# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://0tb09e4d.mirror.aliyuncs.com"], # 镜像加速
"insecure-registries": ["registry.kubernetes:5000"] # 这里列表中可配置多个
}
Note: The above registry.kubernetes
manual written hosts file, it is necessary to note that the machine needs to use the registry, need to be able to resolve.
[root@registory ~]# grep registry /etc/hosts
192.168.1.120 registry registry.kubernetes
Then feel free to upload a packaged image
[root@registory registry]# docker push registry.kubernetes:5000/myweb:v0.3-6
The push refers to repository [registry.kubernetes:5000/myweb]
cc7d034b0d81: Pushed
b9a751a05ed2: Pushed
076c58d2644f: Pushed
b2cbae4b8c15: Pushed
5ac9a5170bf2: Pushed
a464c54f93a9: Pushed
v0.3-6: digest: sha256:016196f127de6b4b726f0ea466216567903ad8c4820cf37b62559ea78d7f2ec3 size: 1567
Download Mirror Test
Also you need to manually configure hosts parsing and docker modify configuration files
[root@node03 ~]# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://0tb09e4d.mirror.aliyuncs.com"], # 镜像加速
"insecure-registries": ["registry.kubernetes:5000"] # 这里列表中可配置多个
}
[root@node03 ~]# grep registry /etc/hosts
192.168.1.120 registry registry.kubernetes
Action Review
[root@node03 ~]# docker image pull registry.kubernetes:5000/myweb:v0.3-6
v0.3-6: Pulling from myweb
bdf0201b3a05: Pull complete
3d0a573c81ed: Pull complete
8129faeb2eb6: Pull complete
3dc99f571daf: Pull complete
c77cad417662: Pull complete
f8733d9c3f79: Pull complete
Digest: sha256:016196f127de6b4b726f0ea466216567903ad8c4820cf37b62559ea78d7f2ec3
Status: Downloaded newer image for registry.kubernetes:5000/myweb:v0.3-6
registry.kubernetes:5000/myweb:v0.3-6
[root@node03 ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
registry.kubernetes:5000/myweb v0.3-6 63478b4469e1 21 hours ago 16MB