仓库镜像,Docker hub官方已提供容器镜像registry,用于搭建私有仓库
拉取镜像:
[root@xingdian ~]# docker pull daocloud.io/library/registry:latest
运行容器:
[root@xingdian ~]# docker run --restart=always -d -p 5000:5000 daocloud.io/library/registry
注:如果创建容器不成功,报错防火墙,解决方案如下
[root@xingdian ~]# systemctl stop firewalld
[root@xingdian ~]# systemctl restart docker
查看运行的容器:
[root@xingdian ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1f444285bed8 daocloud.io/library/registry "/entrypoint.sh /etc/" 23 seconds ago Up 21 seconds 0.0.0.0:5000->5000/tcp elegant_rosalind
连接容器查看端口状态:
[root@xingdian ~]# docker exec -it 1f444285bed8 /bin/sh //这里是sh 不是bash
/ # netstat -antpl //查看5000端口是否开启(容器内查看)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 :::5000 :::* LISTEN 1/registry
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node PID/Program name Path
在本机查看能否访问该私有仓库, 看看状态码是不是200:
[root@xingdian registry]# curl -I 127.0.0.1:5000
HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Thu, 08 Oct 2020 05:34:32 GMT
为了方便,下载1个比较小的镜像,buysbox:
[root@xingdian registry]# docker pull busybox
上传前必须给镜像打tag 注明ip和端口:
[root@xingdian ~]# docker tag busybox 本机IP:端口/busybox
这是直接从官方拉的镜像,很慢:
[root@xingdian ~]# docker tag busybox 192.168.245.136:5000/busybox
下面这个Mysql是我测试的第二个镜像,从daocloud拉取的:
[root@xingdian ~]# docker tag daocloud.io/library/mysql 192.168.245.136:5000/daocloud.io/library/mysql
注意:
tag后面可以使用镜像名称也可以使用id,我这里使用的镜像名称,如果使用官方的镜像,不需要加前缀,但是daocloud.io的得加前缀
修改请求方式为http:
默认为https,不改会报以下错误:
Get https://master.up.com:5000/v1/_ping: http: server gave HTTP response to HTTPS client
[root@xingdian ~]# vim /etc/docker/daemon.json
{ "insecure-registries":["192.168.245.136:5000"] }
重启docker:
[root@xingdian ~]# systemctl restart docker
上传镜像到私有仓库:
[root@xingdian ~]# docker push 192.168.245.136:5000/busybox
[root@xingdian ~]# docker push 192.168.245.136:5000/daocloud.io/library/mysql
查看私有仓库里的所有镜像:
[root@xingdian ~]# curl 192.168.245.130:5000/v2/_catalog
{"repositories":["busybox"]}
查看私有仓库里的镜像版本:
[root@docker ~]# curl 10.11.67.110:5000/v2/busybox/tags/list
{"name":"busybox","tags":["v1","v2"]}
[root@docker ~]# curl -XGET http://10.11.67.110:3000/v2/busybox/tags/list
{"name":"busybox","tags":["v1","v2"]}
查询镜像digest_hash,删除命令里边要填写的 镜像digest_hash 就是 查询结果里边 Docker-Content-Digest: 后边的内容
[root@docker ~]# curl --header "Accept:application/vnd.docker.distribution.manifest.v2+json" -I -XGET http://10.11.67.110:3000/v2/busybox/manifests/v1
HTTP/1.1 200 OK
Content-Length: 527
Content-Type: application/vnd.docker.distribution.manifest.v2+json
Docker-Content-Digest: sha256:c9249fdf56138f0d929e2080ae98ee9cb2946f71498fc1484288e6a935b5e5bc
Docker-Distribution-Api-Version: registry/2.0
Etag: "sha256:c9249fdf56138f0d929e2080ae98ee9cb2946f71498fc1484288e6a935b5e5bc"
X-Content-Type-Options: nosniff
Date: Thu, 12 Nov 2020 07:29:46 GMT
删除私有库镜像
进入/etc/docker/registry/config.yml添加,在stroage后面加
delete
enabled: true
修改完后重新启动容器
[root@docker ~]# curl -I -XDELETE http://10.11.67.110:3000/v2/busybox/manifests/sha256:c9249fdf56138f0d929e2080ae98ee9cb2946f71498fc1484288e6a935b5e5bc
HTTP/1.1 202 Accepted
Docker-Distribution-Api-Version: registry/2.0
X-Content-Type-Options: nosniff
Date: Thu, 12 Nov 2020 07:30:22 GMT
Content-Length: 0
查看镜像信息可以看到镜像的标签显示为空 null
[root@docker ~]# curl -XGET http://10.11.67.110:3000/v2/busybox/tags/list
{"name":"busybox","tags":null}
1.容器网络
docker安装后,默认会创建三种网络类型,bridge、host和none
显示当前网络:
[root@xingdian ~]# docker network list
NETWORK ID NAME DRIVER SCOPE
90b22f633d2f bridge bridge local
e0b365da7fd2 host host local
da7b7a090837 none null local
bridge:网络桥接
默认情况下启动、创建容器都是用该模式,所以每次docker容器重启时会按照顺序获取对应ip地址,这就导致容器每次重启,ip都发生变化
none:无指定网络
启动容器时,可以通过network=none,docker容器不会分配局域网ip
host:主机网络
docker容器的网络会附属在主机上,两者是互通的
2.创建固定ip容器
创建自定义网络类型,并且指定网段:
[root@xingdian ~]# docker network create --subnet=192.168.0.0/16 staticnet
通过docker network ls可以查看到网络类型中多了一个staticnet
使用新的网络类型创建并启动容器:
[root@xingdian ~]# docker run -it --name userserver --net staticnet --ip 192.168.0.2 centos:6 /bin/bash
通过docker inspect可以查看容器ip为192.168.0.2,关闭容器并重启,发现容器ip并未发生改变