1. 搜索registry镜像文件
docker search registry
2. 下载docker仓库镜像
docker pull registry
3. 检查镜像文件是否下载成功
[root@bogon ~]# docker images registry
REPOSITORY TAG IMAGE ID CREATED SIZE
registry latest b8604a3fe854 14 months ago 26.2MB
4. 运行registry镜像文件,生成仓库容器实例
[root@bogon /]# docker run -d -p 5000:5000 -v /data/docker_registry:/var/lib/registry --privileged=true --restart=always --name my_docker_registry registry
93537e8b9c4265a5a1bef5cb50970198b7685d18f3171c0f2994fe1770bb71ee
[root@bogon /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
93537e8b9c42 registry "/entrypoint.sh /etc…" 13 seconds ago Up 12 seconds 0.0.0.0:5000->5000/tcp, :::5000->5000/tcp my_docker_registry
--privileged=true 设置文件夹权限
--restart=always 设置docker启动后自启动
--name 设置容器名
-v /data/docker_registry:/var/lib/registry 设置容器卷挂载的宿主机目录,/data/docker_registry宿主机目录,/var/lib/registry docker容器卷
-d 后台运行
-p 设置端口映射,宿主机端口:容器内部端口
5. 私有仓库使用的是http协议,修改配置docker配置文件,并重启doker
cd /etc/docker/
vi daemon.json
在文件中增加 "insecure-registries": ["192.168.28.18:5000"] 配置,修改后文件如下:
{
"insecure-registries": ["192.168.28.18:5000"]
}
192.168.28.18为私有仓库宿主机IP地址。
重启docker
systemctl daemon-reload
systemctl restart docker
6. 配置仓库用户名密码
1) 检查服务器是否存在htpasswd命令
[root@bogon docker]# htpasswd --help
bash: htpasswd: 未找到命令...
2) 若不存在,则下载httpd-tools
yum install httpd-tools -y
3) 设置用户密码文件
mkdir -p /data/docker_registry/auth
htpasswd -Bbn mgy 123456 > /data/docker_registry/auth/htpasswd
4) 删除当前容器,重新启动registry
[root@bogon /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
93537e8b9c42 registry "/entrypoint.sh /etc…" 2 hours ago Up About an hour 0.0.0.0:5000->5000/tcp, :::5000->5000/tcp my_docker_registry
[root@bogon /]# docker rm -f 93537e8b9c42
93537e8b9c42
[root@bogon /]# docker run -d -p 5000:5000 -v /data/docker_registry:/var/lib/registry -v /data/docker_registry/auth:/auth -e REGISTRY_AUTH=htpasswd -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd --privileged=true --restart=always --name my_docker_registry registry
f280e18bf84624e6a67ffa6ad8cf276b1da8488c2d2a83873c32a4192013d9f3
[root@bogon /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f280e18bf846 registry "/entrypoint.sh /etc…" 5 seconds ago Up 4 seconds 0.0.0.0:5000->5000/tcp, :::5000->5000/tcp my_docker_registry
5) 检查用户名密码是否增加成功
//无密码,失败
[root@bogon /]# curl -X GET http://192.168.28.18:5000/v2/_catalog
{"errors":[{"code":"UNAUTHORIZED","message":"authentication required","detail":[{"Type":"registry","Class":"","Name":"catalog","Action":"*"}]}]}
//有密码,成功
[root@bogon /]# curl -X GET http://192.168.28.18:5000/v2/_catalog -u mgy:123456
{"repositories":[]}
7.上传文件到私服
[root@bogon /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat latest fb5657adc892 13 months ago 680MB
//修改要上传的文件为私服规定格式 hostip:port/镜像名:tag
[root@bogon /]# docker tag tomcat:latest 192.168.28.18:5000/tomcat:latest
[root@bogon /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat latest fb5657adc892 13 months ago 680MB
192.168.28.18:5000/tomcat latest fb5657adc892 13 months ago 680MB
//无用户名密码可直接上传,有用户名密码失败
[root@bogon /]# docker push 192.168.28.18:5000/tomcat:latest
The push refers to repository [192.168.28.18:5000/tomcat]
3e2ed6847c7a: Preparing
bd2befca2f7e: Preparing
31892cc314cb: Waiting
11936051f93b: Waiting
no basic auth credentials
//登录私服
[root@bogon /]# docker login -u mgy -p 123456 http://192.168.28.18:5000/v2/_catalog
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
//再次上传镜像
[root@bogon /]# docker push 192.168.28.18:5000/tomcat:latest
The push refers to repository [192.168.28.18:5000/tomcat]
3e2ed6847c7a: Pushed
26a504e63be4: Pushed
8bf42db0de72: Pushed
31892cc314cb: Pushed
11936051f93b: Pushed
latest: digest: sha256:e6d65986e3b0320bebd85733be1195179dbce481201a6b3c1ed27510cfa18351 size: 2422
//检查是否上传成功
[root@bogon /]# curl -X GET http://192.168.28.18:5000/v2/_catalog -u mgy:123456
{"repositories":["tomcat"]}
8. 从私服下载镜像文件
[root@bogon /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.28.18:5000/tomcat latest fb5657adc892 13 months ago 680MB
tomcat latest fb5657adc892 13 months ago 680MB
//删除本地镜像
[root@bogon /]# docker rmi 192.168.28.18:5000/tomcat
Untagged: 192.168.28.18:5000/tomcat:latest
Untagged: 192.168.28.18:5000/tomcat@sha256:e6d65986e3b0320bebd85733be1195179dbce481201a6b3c1ed27510cfa18351
[root@bogon /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat latest fb5657adc892 13 months ago 680MB
//下载镜像文件
[root@bogon /]# docker pull 192.168.28.18:5000/tomcat
Using default tag: latest
latest: Pulling from tomcat
Digest: sha256:e6d65986e3b0320bebd85733be1195179dbce481201a6b3c1ed27510cfa18351
Status: Downloaded newer image for 192.168.28.18:5000/tomcat:latest
192.168.28.18:5000/tomcat:latest
//检查是否下载成功
[root@bogon /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.28.18:5000/tomcat latest fb5657adc892 13 months ago 680MB
tomcat latest fb5657adc892 13 months ago 680MB