docker私有库与machine
docker私有库搭建
官方提供了Docker Hub作为一个公开的集中仓库,但是网速相对较慢,所以在内部网络中创建私有库会避免浪费资源的问题。
下载registry镜像
docker pull registry:2
##
目前Docker Registry已经升级到了v2,最新版的Docker已不再支持v1。
运行registry镜像
docker run -dit -p 5000:5000 --restart always -v /opt/data/registry:/var/lib/registry --name registry registry:2
上传镜像
##修改镜像标签
docker tag centos7:latest 192.168.1.10:5000/centos7
##上传
docker push 192.168.1.10:5000/centos7
报错
Error response from daemon: Get https://192.168.1.10:5000/v2/: http: server gave HTTP response to HTTPS client
这是因为docker在操作镜像仓库时(search、push、pull),默认使用HTTPS的方式
##解决方法
/usr/lib/systemd/system/docker.service :添加 --insecure-registry 192.168.1.10:5000
14 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --insecure-registry 192.168.1.10:5000
重启docker
systemctl daemon-reload
systemctl restart docker
再次上传
docker push 192.168.1.10:5000/centos7
The push refers to repository [192.168.1.10:5000/centos7]
25710d453e5e: Pushed
latest: digest: sha256:451fae30fb7fe79a29eec0d627645e0a21f337ce3d5a4a5b9d5b562dd9d9d553 size: 529
从私有库拉取镜像
##配置一台新的docker 修改 /usr/lib/systemd/system/docker.service :添加 --insecure-regi stry 192.168.1.10:5000
##查看库
curl 192.168.1.10:5000/v2/_catalog
{"repositories":["busybox","centos7"]}
拉取镜像
docker pull 192.168.1.10:5000/centos7
Using default tag: latest
latest: Pulling from centos7
bceb2a69fde3: Pull complete
Digest: sha256:451fae30fb7fe79a29eec0d627645e0a21f337ce3d5a4a5b9d5b562dd9d9d553
Status: Downloaded newer image for 192.168.1.10:5000/centos7:latest
192.168.1.10:5000/centos7:latest
查看
[root@bogon ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.1.10:5000/centos7 latest f9c9fbed3702 2 weeks ago 589MB
dockermachine搭建
Docker-machine是 Docker 官方提供的一个工具,它可以帮助我们在远程的机器上安装 Docker,或者在虚拟机 host 上直接安装虚拟机并在虚拟机中安装 Docker。我们还可以通过 docker-machine 命令来管理这些虚拟机和 Docker
环境:
dockermachine 192.168.1.10(docker环境下)
dockerhost1 192.168.1.20
dockerhost2 192.168.1.30
搭建machine
参考文档:https://docs.docker.com/machine/install-machine/
dockermachine:
base=https://github.com/docker/machine/releases/download/v0.16.0 &&
curl -L $base/docker-machine-$(uname -s)-$(uname -m) >/tmp/docker-machine &&
sudo mv /tmp/docker-machine /usr/local/bin/docker-machine &&
chmod +x /usr/local/bin/docker-machine
查看版本
docker-machine version
docker-machine version 0.16.0, build 9371605
查看machine命令
docker-machine
active inspect provision ssh url
config ip regenerate-certs start use
create kill restart status version
env ls rm stop
help mount scp upgrade
此时machine 是不具备TAB补全功能的,需要安装脚本
官网脚本:
base=https://raw.githubusercontent.com/docker/machine/v0.16.0
for i in docker-machine-prompt.bash docker-machine-wrapper.bash docker-machine.bash
do
sudo wget "$base/contrib/completion/bash/${i}" -P /etc/bash_completion.d
done
##显示访问不到网页是因为被墙了的原因
github网站脚本:
网址:https://github.com/docker/machine/tree/master/contrib/completion/bash
将网址下的三个脚本放到/etc/bash_completion.d或 /usr/local/etc/bash_completion.d
source 分别启动三个脚本
vim ~/.bashrc
添加:
PS1='[\u@\h \W$(__docker_machine_ps1)]\$ '
创建machine
准备工作
免密登录
ssh-keygen 一直回车
ssh-copy-id -i root@192.168.1.20
ssh-copy-id -i root@192.168.1.30
允许root ssh登录
##三台机子
vim /etc/ssh/sshd_config
##找到下行去掉注释
PermitRootLogin yes
启用visiblepw
##三台机子
vim /etc/sudoers
##找到下行去掉叹号
Defaults visiblepw
重启sshd
##三台机子
systemctl restart sshd
防火墙与selinux
##三台机子
##关闭防火墙或开启2376端口
systemctl stop firewalld
setenforce 0
创建
docker-machine create -d generic --generic-ip-address=192.168.1.20 host1
docker-machine create -d generic --generic-ip-address=192.168.1.30 host2
##等待时间较长因为会部署docker
查看
docker-machine ls
NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS
host1 - generic Running tcp://192.168.1.20:2376 v19.03.11
host2 - generic Running tcp://192.168.1.30:2376 v19.03.11
管理
docker-machine env host1
export DOCKER_TLS_VERIFY="1"
export DOCKER_HOST="tcp://192.168.1.20:2376"
export DOCKER_CERT_PATH="/root/.docker/machine/machines/host1"
export DOCKER_MACHINE_NAME="host1"
# Run this command to configure your shell:
# eval $(docker-machine env host1)
复制最后一行进入host1
docker pull busybox
在host1查看
docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 1c35c4412082 15 hours ago 1.22MB
切换到host2
eval $(docker-machine env host2)
docker pull busybox
docker run -dit busybox
##host2查看
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
eecd82e9f522 busybox "sh" 4 seconds ago Up 3 seconds determined_neumann