We know we can use hub.docker.com as our public or private registry. However, due to the server in foreign countries, the network speed will be very slow.
So when we build our container service with Docker, we want to be able to build our own private registry, upload mirrored values to our private registry center, and then deploy on other physical machines, quickly pull, and then achieve massive distribution and deployment for increased efficiency.
Here's how to do this through the registry container.
Open source framework based on swoole extension implementation https://github.com/bingcool/swoolefy
Environment: centos7.0, docker1.13.1 version
After the docker1.12 version, the Docker executable file changed from/usr/bin/docker to/ussr/bin/dockerd, each version in a different environment, Dockerd daemon are different configurations, The specific needs to be configured according to the guidance of the Docker website. We can see a lot of information on how to configure Docker Daemon boot parameters tutorial, and some of the problems, in fact, most of them are quite messy, or not according to their actual system and Docker version to determine how to configure, Because the different system version and the Docker version of the specific opts options are different, this configuration of the file location is not the same, if not clear the whole difference, followed the online change to change, the final configuration or not to take effect.
(1) Non-certified registry
In the environment, the Dockerd configuration file is in/etc/docker/daemon.json and can be created manually if the file is not available.
Step one: Pull Docker the second version of the official registry, docker1.6 version above support Registry2
Docker Pull registry:2.6.0
Or Docker pull registry does not specify a version, which represents the latest version
Step Two: Configure Daemon.json to remove the Docker default HTTPS access
Vim/etc/docker/daemon.json
Inside the content is a JSON object, plus a insecure-registries, the address itself changes:
{
"Insecure-registries": ["192.168.1.78:5000"]
}
Then restart Docker to perform
Systemctl Daemon-reload Docker
Systemctl Restart Docker
Step three: No Authentication start Registry container
Docker run-d--name registry-p 5000:5000--restart=always-v/opt/registry/:/var/lib/registry/registry:2.6.0
Upload to the image of the private image to the default is stored in the container/var/lib/registry/, in order to prevent the deletion of registry, the uploaded image is also deleted, so enable a volume, the uploaded image persisted in our physical machine, where the save location is/opt/ registry/
Fourth step: Test whether to start the container
Curl Http://192.168.1.78:5000/v2/_catalog
If you return {"repositories": []}, the start is successful.
Fifth step: Test upload to our own private registry
Rename the nginx image to tag
Docker tag Nginx 192.168.1.78:5000/mynginx
It is important to note that the renamed tag must be prefixed with the build 192.168.1.78:5000/, and the subsequent Mynginx is the new image name.
And then start pushing to the private registry we built.
Docker Pull 192.168.1.78:5000/mynginx
Again by running
Curl Http://192.168.1.78:5000/v2/_catalog
You can see the return {"Repositories": ["Mynginx"]}
The instructions have been push to their registry.
Sixth step: Test Pull
It's also a pull on this machine.
First delete the mirror 192.168.1.78:5000/mynginx (which was renamed by tag)
Docker RMI 192.168.1.78:5000/mynginx
And then
Docker images
Can see that there is no 192.168.1.78:5000/mynginx this image
Let's start pulling this image.
Docker Pull 192.168.1.78:5000/mynginx
And then look.
Docker images
Can see that this 192.168.1.78:5000/mynginx is appearing
It means pull was successful.
Seventh step: Pull the image on the other physical machine
Also need to install Docker, and then/etc/docker/daemon.json this file
Add Insecure-registries,ip address yourself to change:
{
"Insecure-registries": ["192.168.1.78:5000"]
}
Then restart Docker to perform
Ststemctl Daemon-reload Docker
Systemctl Restart Docker
Docker Pull 192.168.1.78:5000/mynginx
This way you can pull the mirror from your own registry, and of course you can upload the image.
If there is a mynginx:1.1
Docker tag 192.168.1.78:5000/mynginx 192.168.1.78:5000/mynginx:1.1
Docker Push 192.168.1.78:5000/mynginx:1.1
Actually 192.168.1.78:5000/this is the address of the private registry that was established.
The registry has been completed and is particularly useful in the development of LAN or online deployment.
The next section will summarize the registry about the certification model, please note.