一 公共仓库Docker Hub
1 查找下载镜像
可以在https://hub.docker.com 免费注册一个Docker账号。在命令行执行docker login输入用户名及密码来完成在命令行界面登记Docker Hub。你可以通过docker logout退出登录。
可以通过docker search命令来查找官方仓库中的镜像,并利用docker pull命令来将它下载到本地。
[root@slave1 ~]# docker pull hello-world
Using default tag: latest
latest: Pulling from library/hello-world
2db29710123e: Pull complete
Digest: sha256:2498fce14358aa50ead0cc6c19990fc6ff866ce72aeb5546e1d59caac3d0d60f
Status: Downloaded newer image for hello-world:latest
docker.io/library/hello-world:latest
[root@slave1 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest feb5d9fea6a5 2 months ago 13.3kB
2 推送镜像
用户也可以在登录后通过docker push命令来将自己的镜像推送到Docker Hub
# 修改本地镜像的名字为账号名/镜像名
[root@slave1 ~]# docker tag feb5d9fea6a5 beifanggebitan/helloworld:1.1
[root@slave1 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
beifanggebitan/helloworld 1.1 feb5d9fea6a5 2 months ago 13.3kB
hello-world latest feb5d9fea6a5 2 months ago 13.3kB
# 可以看到多出一个自己命名的镜像
# 进行推送
[root@slave1 ~]# docker push beifanggebitan/helloworld:1.1
The push refers to repository [docker.io/beifanggebitan/helloworld]
e07ee1baac5f: Mounted from library/hello-world
1.1: digest: sha256:f54a58bc1aac5ea1a25d796ae155dc228b3f0e11d046ae276b39c4bf2f13d8c4 size: 525
查看docker hub中有了自己的新创建的镜像
二 私有仓库
用户可以创建一个本地仓库供私人使用。比如,基于公司内部项目构建的镜像。docker-registry是官方提供的工具,可以用于构建私有的镜像仓库。
1 安装运行docker-registry
通过获取官方registry镜像来运行。默认情况下,仓库会被创建在容器的/var/lib/registry目录下。可以通过-v参数来将镜像文件存放在本地的指定路径。
[root@slave1 ~]# docker run --name registry -d -p 5000:5000 --restart=always -v /opt/data/registry:/var/lib/registry registry
Unable to find image 'registry:latest' locally
latest: Pulling from library/registry
79e9f2f55bf5: Pull complete
0d96da54f60b: Pull complete
5b27040df4a2: Pull complete
e2ead8259a04: Pull complete
3790aef225b9: Pull complete
Digest: sha256:169211e20e2f2d5d115674681eb79d21a217b296b43374b8e39f97fcf866b375
Status: Downloaded newer image for registry:latest
f304a349302cecee0b8a58e56f2417c2b9d5788a77848693c26fe60e69fde9fa
[root@slave1 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f304a349302c registry "/entrypoint.sh /etc…" 2 minutes ago Up 2 minutes 0.0.0.0:5000->5000/tcp registry
04c144bd58c8 mysql:5.6 "docker-entrypoint.s…" 6 hours ago Up 6 hours 0.0.0.0:3307->3306/tcp dockermysql
2 在私有仓库上传、搜索、下载镜像
创建好私有仓库之后,就可以使用docker tag来标记一个镜像,然后推送它到仓库。先在本机查看已有的镜像。
[root@slave1 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
beifanggebitan/mysql 1.1 0befd40a091b 2 weeks ago 303MB
mysql 5.6 0befd40a091b 2 weeks ago 303MB
registry latest b8604a3fe854 5 weeks ago 26.2MB
beifanggebitan/helloworld 1.1 feb5d9fea6a5 2 months ago 13.3kB
hello-world latest feb5d9fea6a5 2 months ago 13.3kB
registry.aliyuncs.com/k8sxio/kube-proxy v1.20.1 e3f6fcd87756 12 months ago 118MB
swr.cn-east-2.myhuaweicloud.com/kuboard-dependency/pod2daemon-flexvol v3.17.1 819d15844f0c 12 months ago 21.7MB
swr.cn-east-2.myhuaweicloud.com/kuboard-dependency/cni v3.17.1 64e5dfd8d597 12 months ago 128MB
swr.cn-east-2.myhuaweicloud.com/kuboard-dependency/node v3.17.1 183b53858d7d 12 months ago 165MB
swr.cn-east-2.myhuaweicloud.com/kuboard-dependency/typha v3.17.1 919a16510f41 12 months ago 51.5MB
swr.cn-east-2.myhuaweicloud.com/kuboard-dependency/nginx-ingress 1.9.1 9f0f31ded0ed 13 months ago 177MB
registry.aliyuncs.com/k8sxio/pause 3.2 80d28bedfe5d 22 months ago 683kB
使用docker tag将hello-world:latest这个镜像标记为127.0.0.1:5000/hello-world:latest
# 命令格式为docker tag IMAGE[:TAG][REGISTRYHOST[:REGISTRYPORT]/]REPOSITORY[:TAG]
[root@slave1 ~]# docker tag feb5d9fea6a5 127.0.0.1:5000/hello-world:latest
root@slave1 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 5.6 0befd40a091b 2 weeks ago 303MB
beifanggebitan/mysql 1.1 0befd40a091b 2 weeks ago 303MB
registry latest b8604a3fe854 5 weeks ago 26.2MB
hello-world latest feb5d9fea6a5 2 months ago 13.3kB
127.0.0.1:5000/hello-world latest feb5d9fea6a5 2 months ago 13.3kB
使用docker push上传标记的镜像
[root@slave1 ~]# docker push 127.0.0.1:5000/hello-world:latest
The push refers to repository [127.0.0.1:5000/hello-world]
e07ee1baac5f: Pushed
latest: digest: sha256:f54a58bc1aac5ea1a25d796ae155dc228b3f0e11d046ae276b39c4bf2f13d8c4 size: 525
删除本机镜像,从本仓库拉取
[root@slave1 ~]# docker rmi 127.0.0.1:5000/hello-world:latest
Untagged: 127.0.0.1:5000/hello-world:latest
Untagged: 127.0.0.1:5000/hello-world@sha256:f54a58bc1aac5ea1a25d796ae155dc228b3f0e11d046ae276b39c4bf2f13d8c4
[root@slave1 ~]# docker images # 查看确定删除
# 重新拉取
[root@slave1 ~]# docker pull 127.0.0.1:5000/hello-world
Using default tag: latest
latest: Pulling from hello-world
Digest: sha256:f54a58bc1aac5ea1a25d796ae155dc228b3f0e11d046ae276b39c4bf2f13d8c4
Status: Downloaded newer image for 127.0.0.1:5000/hello-world:latest
127.0.0.1:5000/hello-world:latest
三 内部公用私有仓库
如果不想使用127.0.0.1:5000作为仓库地址,比如想让本网段的其他主机也能把镜像推送到私有仓库。你就得把例如192.168.247.131:5000这样的内网地址作为私有仓库地址,这时你会发现无法成功推送镜像。
解决方式
对于使用systemd的系统,请在/etc/docker/daemon.json中写入如下内容(如果文件不存在请新建该文件)
[root@wangjie ~]# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://y9dcj41b.mirror.aliyuncs.com"] ,
"insecure-registries":["192.168.247.131:5000"]
}
# 验证成功
[root@wangjie ~]# systemctl restart docker
[root@wangjie ~]# docker pull 192.168.247.131:5000/hello-world
Using default tag: latest
latest: Pulling from hello-world
Digest: sha256:f54a58bc1aac5ea1a25d796ae155dc228b3f0e11d046ae276b39c4bf2f13d8c4
Status: Downloaded newer image for 192.168.247.131:5000/hello-world:latest
192.168.247.131:5000/hello-world:latest