私有仓库镜像registry 没有图形界面
本次实验docker 版本为26.1.4
1、关闭防火墙&拉取镜像
[root@docker ~]# systemctl stop firewalld # 关闭系统防火墙
[root@docker ~]# setenforce 0 # 关闭内核防火墙
[root@docker ~]# systemctl start docker # 开启docker容器
[root@docker ~]# docker pull registry:latest # 拉取registry镜像
2、查看本地镜像
3、运行容器
[root@docker ~]# docker run -itd --name pri_registry --restart=always -v /home/dockerdata/registry:/var/lib/registry: -p 5000:5000 registry:latest
daee11b3d4cae53688fdc43b208ee14d49e9412cff855502e613a272a74b937a
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
daee11b3d4ca registry:latest "/entrypoint.sh /etc…" 23 seconds ago Up 22 seconds 0.0.0.0:5000->5000/tcp, :::5000->5000/tcp pri_registry
参数解释:
/home/dockerdata/registry表示为宿主机的目录,不存在不用手动创建,是自动创建的
-v映射目录: 宿主机的目录:容器目录
把宿主机的目录挂载到容器中,将数据目录挂载出来就是为了防止docker私有仓库这个容器被删除的时候,仓库里面的镜像也被删除。
-p 端口映射:本地端口:容器端口
4、进入容器查看端口状态
[root@docker ~]# docker exec -it pri_registry /bin/sh
/ # netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 :::5000 :::* LISTEN 1/registry
5、本地访问私有仓库
查看本地是否可以访问私有仓库,弹出200ok说明可以正常访问
[root@docker ~]# curl -I http://127.0.0.1:5000
HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sat, 07 Sep 2024 14:52:40 GMT
6、准备镜像文件,测试私有仓库
(本次实验拉取一个比较小的镜像文件busybox)
[root@docker ~]# docker pull daocloud.io/library/busybox # 拉取busybox
Using default tag: latest
latest: Pulling from library/busybox
8b3d7e226fab: Pull complete
Digest: sha256:410a07f17151ffffb513f942a01748dfdb921de915ea6427d61d60b0357c1dcd
Status: Downloaded newer image for daocloud.io/library/busybox:latest
daocloud.io/library/busybox:latest
[root@docker ~]# docker images # 查看本地镜像
7、给镜像打上标签,注明ip和端口
[root@docker ~]# docker tag daocloud.io/library/busybox:latest 192.168.80.142:5000/busybox:latest
[root@docker ~]# docker images # 查看打过标签的镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 39286ab8a5e1 3 weeks ago 188MB
mysql 5.7.44 5107333e08a8 8 months ago 501MB
registry latest 75ef5b734af4 11 months ago 25.4MB
centos 7 eeb6ee3f44bd 2 years ago 204MB
192.168.80.142:5000/busybox latest a9d583973f65 3 years ago 1.23MB
daocloud.io/library/busybox latest a9d583973f65 3 years ago 1.23MB
8、上传镜像到私有仓库 ------发现报错
[root@docker ~]# docker push 192.168.80.142:5000/busybox:latest
The push refers to repository [192.168.80.142:5000/busybox]
Get "https://192.168.80.142:5000/v2/": http: server gave HTTP
response to HTTPS client
报错原因:Docker Registry没有配置为支持HTTPS:在此处Docker Registry是为了测试目的,那么它在使用默认的非安全端口(如5000),并且没有配置TLS(传输层安全)证书来支持HTTPS
Docker Registry正在监听HTTP请求而不是HTTPS请求
9、更改请求方式
请求方式修改为http,在加速器配置文件添加 { "insecure-registries":["192.168.80.142:5000"] }
[root@docker ~]# vim /etc/docker/daemon.json
{ "insecure-registries":["192.168.80.142:5000"] }
注:上面一部分为镜像加速器,后面一定要跟逗号,第二部分是仓库地址
# 重启docker
[root@docker ~]# systemctl restart docker
10、上传镜像到私有仓库
[root@docker ~]# docker push 192.168.80.142:5000/busybox:latest
The push refers to repository [192.168.80.142:5000/busybox]
2983725f2649: Pushed
latest: digest: sha256:410a07f17151ffffb513f942a01748dfdb921de915
ea6427d61d60b0357c1dcd size: 527
11、在宿主机查看存放镜像目录
[root@docker ~]# ls /home/dockerdata/registry/docker/registry/v2/repositories/
12、查看私有仓库里面的镜像
[root@docker ~]# curl http://192.168.80.142:5000/v2/busybox/tags/list
{"name":"busybox","tags":["latest"]}
13、从私有仓库拉取镜像测试
先删除打了tag的镜像
再从私有仓库拉取镜像
[root@docker ~]# docker pull 192.168.80.142:5000/busybox
Using default tag: latest
latest: Pulling from busybox
Digest: sha256:410a07f17151ffffb513f942a01748dfdb921de915ea6427d61d60b0357c1dcd
Status: Downloaded newer image for 192.168.80.142:5000/busybox:latest
192.168.80.142:5000/busybox:latest
拉取成功,实验完成