Docker 仓库、harbor仓库
1. docker搭建私有仓库
下载registry镜像
[root@server3 ~]# docker search registry
[root@server3 ~]# docker pull registry
Using default tag: latest
latest: Pulling from library/registry
ddad3d7c1e96: Pull complete
6eda6749503f: Pull complete
363ab70c2143: Pull complete
5b94580856e6: Pull complete
12008541203a: Pull complete
[root@server3 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 4cdc5dd7eaad 2 weeks ago 133MB
registry latest 1fd8e1b0bb7e 3 months ago 26.2MB
[root@server3 ~]# mkdir docker
[root@server3 ~]# ls
[root@server3 ~]# docker images registry
REPOSITORY TAG IMAGE ID CREATED SIZE
registry latest 1fd8e1b0bb7e 3 months ago 26.2MB
[root@server3 ~]# docker history registry:latest
运行registry容器
[root@server3 ~]# docker run -d --name registry -p 5000:5000 -v /opt/registry:/var/lib/registry registry
[root@server3 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b8c186ef8ee2 registry "/entrypoint.sh /etc…" 10 seconds ago Up 9 seconds 0.0.0.0:5000->5000/tcp registry
[root@server3 ~]# netstat -antlp
[root@server3 ~]# ll -d /opt/registry/
drwxr-xr-x 2 root root 6 Jul 21 09:43 /opt/registry/
上传镜像到本地仓库,本地镜像在命名时需要加上仓库的ip和端口
[root@server3 ~]# docker tag registry:latest localhost:5000/registry:latest
[root@server3 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 4cdc5dd7eaad 2 weeks ago 133MB
localhost:5000/nginx latest 4cdc5dd7eaad 2 weeks ago 133MB
[root@server3 ~]# docker push localhost:5000/nginx
[root@server3 ~]# tree /opt/registry/
[root@server3 ~]# curl localhost:5000/v2/_catalog
{"repositories":["nginx"]}
docker 加密 认证
远程拉取仓库
[root@server2 ~]# cd /etc/docker/
[root@server2 docker]# vim daemon.json
[root@server2 docker]# systemctl reload docker
[root@server2 docker]# docker pull 172.25.16.1:5000/nginx
[root@server2 docker]# docker images
[root@server2 docker]# docker tag 172.25.16.3:5000/nginx nginx
[root@server2 docker]# docker images
[root@server2 docker]# docker run -d nginx
签名加密
[root@server3 ~]# mkdir -p certs
[root@server3 ~]# docker stop registry
registry
[root@server3 ~]# docker rm registry
registry
[root@server3