注意:如下解决方案,只能解决pull的问题,不能解决push的问题,方案请参考:解决docker push问题
Docker 1.7版本和Docker CE的配置文件的位置是不同的
Docker 1.7版本 /etc/sysconfig/docker
Docker CE版本使用 /etc/docker/daemon.json
使用docker 1.7版本如果要pull docker registry v2或者harbor里的镜像,如果没有配置CA证书的话,需要配置insecure-registry,并且需要将这个参数加到docker daemon的启动参数里。配置步骤:
Docker 1.7解决办法
setp 1 配置DOCKER_OPTS参数
[root@123 ] # vi /etc/sysconfig/docker
other_args=
DOCKER_CERT_PATH=/etc/docker
## add
DOCKER_OPTS="--insecure-registry ip:port"
save之后setp 2 修改启动项
[root@123 ] # vi /etc/init.d/docker
## 找到 start 函数,在exec处增加 刚配置的DOCKER_OPTS,参见下边空行处
start() {
if [ ! -x $exec ]; then
if [ ! -e $exec ]; then
echo "Docker executable $exec not found"
else
echo "You do not have permission to execute the Docker executable $exec"
fi
exit 5
fi
check_for_cleanup
if ! [ -f $pidfile ]; then
prestart
printf "Starting $prog:\t"
echo "\n$(date)\n" >> $logfile
## add DOCKER_OPTS
$exec -d $DOCKER_OPTS &>> $logfile &
pid=$!
touch $lockfile
# wait up to 10 seconds for the pidfile to exist. see
# https://github.com/docker/docker/issues/5359
tries=0
while [ ! -f $pidfile -a $tries -lt 10 ]; do
sleep 1
tries=$((tries + 1))
done
success
echo
else
failure
echo
printf "$pidfile still exists...\n"
exit 7
fi
}
setp 3 重启docker
[root@123 ] # service docker restart
setp 4 验证是否可以pull
Another way
不这么费事,直接修改启动项,原理和结果都是相同的
[root@123 ] # vi /etc/init.d/docker
## 找到exec,直接添加--insecure-registry ip:port
prog="docker"
exec="/usr/bin/$prog --insecure-registry ip:port"
pidfile="/var/run/$prog.pid"
lockfile="/var/lock/subsys/$prog"
logfile="/var/log/$prog"
然后重启docker daemon
Docker CE版本
检查/etc/docker目录下是否有daemon.json文件,如果没有则创建,或者直接vi /etc/docker/daemon.json修改完在:wq也行
[root@123 ] # vi /etc/docker/daemon.json
## add
{
"registry-mirrors": ["https://registry.docker-cn.com"],
"insecure-registries" : ["ip:port","ip:port"]
}
添加完成后重启docker服务service docker restart
Docker 1.13.1 pull 问题
表象就是pull 自己搭建的镜像是提示V1 V2的错误。然后配置了/etc/docker/daemon.json了,也配置了insecure-registries。然后重启systemctl restart docker出现错误了:
[root@localhost docker]# systemctl restart docker
Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xe" for details.
查看journalctl --no-pager
Apr 20 04:59:27 localhost.localdomain systemd[1]: Started Docker Application Container Engine.
Apr 20 05:00:00 localhost.localdomain systemd[1]: Starting Docker Cleanup...
Apr 20 05:00:00 localhost.localdomain systemd[1]: Started Docker Cleanup.
Apr 20 05:00:01 localhost.localdomain systemd[1]: Created slice User Slice of root.
Apr 20 05:00:01 localhost.localdomain systemd[1]: Starting User Slice of root.
Apr 20 05:00:01 localhost.localdomain systemd[1]: Started Session 7 of user root.
Apr 20 05:00:01 localhost.localdomain CROND[30810]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Apr 20 05:00:01 localhost.localdomain systemd[1]: Starting Session 7 of user root.
Apr 20 05:00:01 localhost.localdomain systemd[1]: Removed slice User Slice of root.
Apr 20 05:00:01 localhost.localdomain systemd[1]: Stopping User Slice of root.
Apr 20 05:00:16 localhost.localdomain polkitd[669]: Registered Authentication Agent for unix-process:30986:300800 (system bus name :1.79 [/usr/bin/pkttyagent --notify-fd 5 --fallback], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
Apr 20 05:00:16 localhost.localdomain systemd[1]: Stopping Docker Application Container Engine...
Apr 20 05:00:16 localhost.localdomain dockerd-current[30297]: time="2018-04-20T05:00:16.148690884+08:00" level=info msg="Processing signal 'terminated'"
Apr 20 05:00:16 localhost.localdomain dockerd-current[30297]: time="2018-04-20T05:00:16.180397672+08:00" level=info msg="stopping containerd after receiving terminated"
Apr 20 05:00:17 localhost.localdomain systemd[1]: Starting Docker Storage Setup...
Apr 20 05:00:17 localhost.localdomain systemd[1]: Started Docker Storage Setup.
Apr 20 05:00:17 localhost.localdomain systemd[1]: Starting Docker Application Container Engine...
Apr 20 05:00:17 localhost.localdomain dockerd-current[31044]: unable to configure the Docker daemon with file /etc/docker/daemon.json: the following directives are specified both as a flag and in the configuration file: insecure-registries: (from flag: [gcr.io], from file: [192.168.1.130:5000])
Apr 20 05:00:17 localhost.localdomain systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
Apr 20 05:00:17 localhost.localdomain polkitd[669]: Unregistered Authentication Agent for unix-process:30986:300800 (system bus name :1.79, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
Apr 20 05:00:17 localhost.localdomain systemd[1]: Failed to start Docker Application Container Engine.
Apr 20 05:00:17 localhost.localdomain systemd[1]: Unit docker.service entered failed state.
Apr 20 05:00:17 localhost.localdomain systemd[1]: docker.service failed.
关键是这一句unable to configure the Docker daemon with file /etc/docker/daemon.json: the following directives are specified both as a flag and in the configuration file: insecure-registries: (from flag: [gcr.io], from file: [192.168.1.130:5000])看来还是配置有问题。于是删除了daemon.json里的insecure-registries配置。重启docker,好使。
然后又查看了docker的版本 docker info,原来是1.13.1版本的。看来还得参考最上边的解决方法
问题又来了,在/etc/init.d/下边,找不到docker,全系统里也没找到docker启动的配置函数,有知道的大侠望不吝赐教。
最终通过修改/etc/sysconfig/docker,有这么一段
# /etc/sysconfig/docker
# Modify these options if you want to change the way the docker daemon runs
OPTIONS='--selinux-enabled=false --log-driver=journald --signature-verification=false --insecure-registry gcr.io'
if [ -z "${DOCKER_CERT_PATH}" ]; then
DOCKER_CERT_PATH=/etc/docker
fi
既然是 Modify these options if you want to change the way the docker daemon runs,那就在OPTIONS后边加上OPTIONS='--selinux-enabled=false --log-driver=journald --signature-verification=false --insecure-registry gcr.io --insecure-registry ip:port'
在重启docker服务,就好使了
---------------------
作者:TIMI-Nian
来源:CSDN
原文:https://blog.csdn.net/gezilan/article/details/79398832
版权声明:本文为博主原创文章,转载请附上博文链接!