去docker hub下載鏡像比較慢,而且自己內部的鏡像一般要求對速度和安全性要求較高,於是就可以考慮搭建本地倉庫registry來實現,下邊簡單介紹下步驟。
環境:centos 7.2
1,安裝docker
yum install docker -y
systemctl start docker.service
systemctl enable docker.service
2,搭建倉庫
下載registry
docker search registry
[root@docker5 registry]# docker search registry
INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
docker.io docker.io/registry Containerized docker registry 894 [OK]
docker.io docker.io/konradkleine/docker-registry-frontend Browse and modify your Docker registry in ... 99 [OK]
docker.io docker.io/atcol/docker-registry-ui A web UI for easy private/local Docker Reg... 79 [OK]
docker.io docker.io/distribution/registry WARNING: NOT the registry official image!!... 38 [OK]
docker.io docker.io/samalba/docker-registry 36 [OK]
docker.io docker.io/hyper/docker-registry-web Web UI for private docker registry v2. 28 [OK]
docker.io docker.io/marvambass/nginx-registry-proxy Docker Registry Reverse Proxy with Basic A... 27 [OK]
docker.io docker.io/h3nrik/registry-ldap-auth LDAP and Active Directory authentication p... 12 [OK]
docker.io docker.io/jhipster/jhipster-registry JHipster Registry, based on Netflix Eureka... 6 [OK]
[root@docker5 registry]# docker pull docker.io/registry
等待下載完成。
搭建倉庫:
docker run -d -p 5000:5000 -v /home/registry:/tmp/registry registry
預設情況下docker會將倉庫存放於容器的 /tmp/registry 目錄下,可以通過 -v 參數來將鏡像檔案儲存到我們指定的路徑。
查看是否運行:
[root@docker5 registry]# netstat -tunlp | grep 5000
tcp6 0 0 :::5000 :::* LISTEN 3791/docker-proxy
更改一個標籤:
docker tag mysql:latest 192.168.2.75:5000/mysql20160615
上傳測試鏡像到本地倉庫:
docker push 192.168.2.75:5000/mysql20160615
這裡如果是已經建立了https可以操作成功過,如果是http會報錯。原因是Docker從1.3.X之後預設docker registry使用的是https,所以當用docker pull命令下載遠程鏡像時,如果遠程docker registry是非https的時候就會報上面的錯誤。解決辦法:
vi /etc/sysconfig/docker
OPTIONS='--selinux-enabled --insecure-registry 192.168.2.75:5000' 其中--insecure-registry 192.168.2.75:5000是自己添加的。
設定以後重啟docker和對應容器,重新push一下,成功。
[root@docker5 registry]# docker push 192.168.2.75:5000/testimage
The push refers to a repository [192.168.2.75:5000/testimage] (len: 1)
Sending image list
Pushing repository 192.168.2.75:5000/testimage (1 tags)
3690474eb5b4: Image successfully pushed
b48a20c39b28: Image successfully pushed
c79ebe41b35a: Image successfully pushed
2a332da70fd1: Image successfully pushed
Pushing tag for rev [2a332da70fd1] on {http://192.168.2.75:5000/v1/repositories/testimage/tags/latest}
本地倉庫以及url查看狀態:
[root@docker5 registry]# ll
total 4
drwxr-xr-x. 6 root root 4096 Jun 22 14:27 images
drwxr-xr-x. 3 root root 20 Jun 22 14:27 repositories
[root@docker5 registry]# du -sh ./*
68M ./images
16K ./repositories
[root@docker5 registry]# curl http://192.168.2.75:5000/v1/search
{"num_results": 1, "query": "", "results": [{"description": "", "name": "library/testimage"}]}[root@docker5 registry]#
本地倉庫鏡像下載測實驗證:
進入另外一台內網機器進行鏡像下載測試,比如我的另外一台測試機:192.168.2.76,操作如下:
首先進入修改docker設定檔並重啟
OPTIONS='--selinux-enabled --insecure-registry 192.168.2.75:5000' 其中--insecure-registry 192.168.2.75:5000是自己添加的本地倉庫地址。
pull過程如下:
[root@docker6 ~]# systemctl restart docker
[root@docker6 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
[root@docker6 ~]# docker pull 192.168.2.75:5000/testimage
Using default tag: latest
2a332da70fd1: Download complete
3690474eb5b4: Download complete
b48a20c39b28: Download complete
c79ebe41b35a: Download complete
Status: Downloaded newer image for 192.168.2.75:5000/testimage:latest
192.168.2.75:5000/testimage: this image was pulled from a legacy registry. Important: This registry version will not be supported in future versions of docker.
[root@docker6 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
192.168.2.75:5000/testimage latest 2a332da70fd1 2 weeks ago 196.7 MB
沒有問題,本地倉庫搭建成功。