有时候使用docker hub不方便,毕竟在国外,而且也有安全风险。所以我们就需要自己搭建一个registry,docker-registry是官方提供的工具,可以用于构建私有的镜像仓库。
docker run -d -p 5000:5000 --restart=always --name registry registry
使用官方的registry镜像来启动私有仓库,默认情况下/var/lib/registry目录下。-v 可以指定目录,将镜像内的路径指向到本地
docker run -d -p 5000:5000 -v /opt/data/registry:/var/lib/registry registry
创建好私有仓库之后,就可以进行像HUB一样的使用,此时最好重启一下docker
本机镜像仓库只能识别registry是仓库名的镜像,这时需要吧docker images打一个本地的tag
docker tag image_name 127.0.0.1:5000/image_name:tag
docker push images //推上本地的仓库
本地registry 没有web页面,可以通关过curl进行查看
curl 127.0.0.0:5000/v2/_catalog
如果不想使用127这个地址,需要使用一个ABC的私有地址,需要添加registry到信任点
因为docker默认不允许非https方式推送镜像,我们可以通过docker的配置选项来取消这个限制
root@rancher:~# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://l72pvsl6.mirror.aliyuncs.com"],
"insecure-registries":["10.157.138.40:5000"]
}
root@rancher:~# docker tag nginx:v3 10.117.18.40:5000/nginx:sos //tag一个镜像
root@rancher:~# docker images //查看本地镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
10.157.138.40:5000/nginx sos 245f20e19542 5 days ago 142MB //tag的
gogodocker887/nginx index 245f20e19542 5 days ago 142MB
nginx v3 245f20e19542 5 days ago 142MB
nginx v2 51921ca567f7 5 days ago 142MB
nginx latest c316d5a335a5 4 weeks ago 142MB
debian latest 6f4986d78878 2 months ago 124MB
registry latest b8604a3fe854 3 months ago 26.2MB
hello-world latest feb5d9fea6a5 5 months ago 13.3kB
ubuntu 16.04 b6f507652425 5 months ago 135MB
root@rancher:~# docker push 10.117.18.40:5000/nginx:sos //推到本地registry
The push refers to repository [10.117.18.40:5000/nginx]
31da2b5a0606: Layer already exists
762b147902c0: Layer already exists
235e04e3592a: Layer already exists
6173b6fa63db: Layer already exists
9a94c4a55fe4: Layer already exists
9a3a6af98e18: Layer already exists
7d0ebbe3f5d2: Layer already exists
sos: digest: sha256:402d637b34d345cd97ff5d75d2d4ff72c56f6b481cf1b5a20b95e71e0f8433f7 size: 1777
root@rancher:~# curl 10.117.18.40:5000/v2/_catalog //看一下本地registry 有没有
{"repositories":["debian","nginx"]}
root@rancher:~# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
10.157.138.40:5000/nginx sos 245f20e19542 5 days ago 142MB
gogodocker887/nginx index 245f20e19542 5 days ago 142MB
nginx v3 245f20e19542 5 days ago 142MB
nginx v2 51921ca567f7 5 days ago 142MB
nginx latest c316d5a335a5 4 weeks ago 142MB
debian latest 6f4986d78878 2 months ago 124MB
registry latest b8604a3fe854 3 months ago 26.2MB
hello-world latest feb5d9fea6a5 5 months ago 13.3kB
ubuntu 16.04 b6f507652425 5 months ago 135MB
root@rancher:~# docker rmi 10.117.18.40:5000/nginx:sos //删除刚才tag的
Untagged: 10.157.138.40:5000/nginx:sos
Untagged: 10.157.138.40:5000/nginx@sha256:402d637b34d345cd97ff5d75d2d4ff72c56f6b481cf1b5a20b95e71e0f8433f7
root@rancher:~# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx v3 245f20e19542 5 days ago 142MB
gogodocker887/nginx index 245f20e19542 5 days ago 142MB
nginx v2 51921ca567f7 5 days ago 142MB
nginx latest c316d5a335a5 4 weeks ago 142MB
debian latest 6f4986d78878 2 months ago 124MB
registry latest b8604a3fe854 3 months ago 26.2MB
hello-world latest feb5d9fea6a5 5 months ago 13.3kB
ubuntu 16.04 b6f507652425 5 months ago 135MB
root@rancher:~# docker pull 10.117.18.40:5000/nginx:sos //通过IP pull一个registry
sos: Pulling from nginx
Digest: sha256:402d637b34d345cd97ff5d75d2d4ff72c56f6b481cf1b5a20b95e71e0f8433f7
Status: Downloaded newer image for 10.117.18.40:5000/nginx:sos
10.117.18.40:5000/nginx:sos
root@rancher:~# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
10.117.18.40:5000/nginx sos 245f20e19542 5 days ago 142MB
gogodocker887/nginx index 245f20e19542 5 days ago 142MB
nginx v3 245f20e19542 5 days ago 142MB
nginx v2 51921ca567f7 5 days ago 142MB
nginx latest c316d5a335a5 4 weeks ago 142MB
debian latest 6f4986d78878 2 months ago 124MB
registry latest b8604a3fe854 3 months ago 26.2MB
hello-world latest feb5d9fea6a5 5 months ago 13.3kB
ubuntu 16.04 b6f507652425 5 months ago 135MB
// insecure-registries 授信
root@rancher:~# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://l72pvsl6.mirror.aliyuncs.com"],
"insecure-registries":["10.117.18.40:5000"]
}