准备一个Linux服务器,作为docker私服服务器,地址192.168.124.129
拉取私服镜像
docker pull docker.io/registry
运行镜像
docker run --name docker-registry -d -p 5000:5000 --restart=always registry
查看私服内的镜像
curl -X GET http://127.0.0.1:5000/v2/_catalog
创建自定义的仓库镜像存放目录
mkdir -p /home/docker/registry
迁移/var/lib/docker目录下面的文件到自定义的仓库镜像存放目录
cp -R /var/lib/docker/* /home/docker/registry/
开启远程访问,配置私服地址
vim /usr/lib/systemd/system/docker.service
添加
-H unix:///var/run/docker.sock -H 0.0.0.0:2375
--insecure-registry 192.168.124.129:5000 --graph=/home/docker/registry \
重新加载配置,重启docker
systemctl daemon-reload
systemctl restart docker.service
禁用SELINUX,需重启才能生效
vim /etc/selinux/config
将SELINUX=enforcing改为SELINUX=disabled
开放2375和5000端口
ps:配置完后的registries.service文件完整的内容为:
[root@localhost ~]# cat /usr/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.com
After=network.target rhel-push-plugin.socket registries.service
Wants=docker-storage-setup.service
Requires=docker-cleanup.timer
[Service]
Type=notify
NotifyAccess=all
EnvironmentFile=-/run/containers/registries.conf
EnvironmentFile=-/etc/sysconfig/docker
EnvironmentFile=-/etc/sysconfig/docker-storage
EnvironmentFile=-/etc/sysconfig/docker-network
Environment=GOTRACEBACK=crash
Environment=DOCKER_HTTP_HOST_COMPAT=1
Environment=PATH=/usr/libexec/docker:/usr/bin:/usr/sbin
ExecStart=/usr/bin/dockerd-current -H unix:///var/run/docker.sock -H 0.0.0.0:2375 \
--add-runtime docker-runc=/usr/libexec/docker/docker-runc-current \
--default-runtime=docker-runc \
--exec-opt native.cgroupdriver=systemd \
--userland-proxy-path=/usr/libexec/docker/docker-proxy-current \
--init-path=/usr/libexec/docker/docker-init-current \
--seccomp-profile=/etc/docker/seccomp.json \
--insecure-registry 192.168.124.129:5000 --graph=/home/docker/registry/ \
$OPTIONS \
$DOCKER_STORAGE_OPTIONS \
$DOCKER_NETWORK_OPTIONS \
$ADD_REGISTRY \
$BLOCK_REGISTRY \
$INSECURE_REGISTRY \
$REGISTRIES
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
TimeoutStartSec=0
Restart=on-abnormal
KillMode=process
[Install]
WantedBy=multi-user.target
私服搭建好后,然后我们新建一个SpringBoot项目,测试能否推送镜像到私服中。这里我搭建一个EurekaServer作为测试项目
pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.yj</groupId>
<artifactId>Docker</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>jar</packaging>
<name>Docker</name>
<url>http://maven.apache.org</url>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<docker.registry.host>192.168.124.129</docker.registry.host>
</properties>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.5.13.RELEASE</version>
<relativePath />
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-eureka-server</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>Edgware.SR5</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
<plugin>
<groupId>com.spotify</groupId>
<artifactId>docker-maven-plugin</artifactId>
<version>1.0.0</version>
<executions>
<execution>
<id>build-image</id>
<phase>package</phase>
<goals>
<goal>build</goal>
</goals>
</execution>
</executions>
<configuration>
<imageName>${docker.registry.host}:5000/eurekaserver</imageName>
<dockerHost>http://${docker.registry.host}:2375</dockerHost>
<dockerDirectory>${project.basedir}/src/main/docker</dockerDirectory>
<resources>
<resource>
<targetPath>/</targetPath>
<directory>${project.build.directory}</directory>
<include>${project.build.finalName}.jar</include>
</resource>
</resources>
</configuration>
</plugin>
</plugins>
</build>
</project>
Dockerfile文件
FROM java:8
VOLUME /tmp ARG JAR_FILE
ADD Docker-0.0.1-SNAPSHOT.jar app.jar
RUN bash -c 'touch /app.jar'
EXPOSE 8080
ENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-jar","/app.jar"]
我们执行maven命令
package -DpushImage
推送镜像到私服
查看私服内是否有镜像了
[root@localhost ~]# curl -X GET http://127.0.0.1:5000/v2/_catalog
{"repositories":["eurekaserver"]}
我们再执行docker images 也能查看到镜像
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.37.155:5000/eurekaserver latest 45361985899a 2 minutes ago 729 MB
运行该镜像
docker run -p 8080:8080 -t ImageID
访问该服务,看到了Eureka界面,说明项目成功运行起来了
http://192.168.124.129:8080
我们再准备一台Linux服务器192.168.124.130,观察是否可以从192.168.124.129私服服务器上面拉取镜像,并运行该镜像
vim /usr/lib/systemd/system/docker.service
添加私服地址
--insecure-registry 192.168.124.129:5000 \
启动
service docker start
拉取镜像
docker pull 192.168.124.129:5000/eurekaserver
查看镜像
docker images
运行镜像
docker run -p 8080:8080 -t ImageID
镜像拉取成功,并且在192.168.124.130主机上面也运行了起来,并且在私服服务器有新的镜像覆盖上去时(更新后,重新推送到私服),192.168.124.130再次 执行pull命令时,会拉取最新的镜像下来。
Docker可视化管理工具 Portainer
运行
运行
docker run -d -p 9000:9000 --restart=always -v /var/run/docker.sock:/var/run/docker.sock --name prtainer-test docker.io/portainer/portainer
访问
http://192.168.37.149:9000
可以对服务器上面的镜像,容器进行管理