Docker部署私有仓库
今天和你们聊聊Docker的私有仓库。linux
前段时间啊在CentOS6.x上玩Docker的私有仓库,因为https认证的缘由,一直没有能解决,最后听群上的一朋友说,换成CentOS 7试试,也别说,最后实验成功啦!
docker
因此我建议朋友在玩docker的私有仓库的时候,也能如今CentOS7.x系统上玩,肯定对整个过程熟悉后,而后换成你熟悉的6.x的系统,这样也是一个循循渐进的过程吧!json
1、准备vim
一、地址规划浏览器
Docker私有仓库地址:192.168.0.109 Docker客户端地址:192.168.0.110
二、激活网卡bash
# vim /etc/sysconfig/network-scripts/ifcfg-eno16777728 修改此行 ONBOOT=yes # /etc/init.d/network restart
三、关闭本地防火墙并设置开机不自启动app
# systemctl stop firewalld.service # systemctl disable firewalld.service
四、关闭本地selinux防火墙ssh
# vi /etc/sysconfig/selinux SELINUX=disabled # setenforce 0
五、安装ifconfig工具curl
# yum install net-tools
2、安装
tcp
一、安装docker
# yum install docker # yum upgrade device-mapper-libs # service docker start # chkconfig docker on
二、本地私有仓库registry
[root@localhost ~]# docker pull registry Trying to pull repository docker.io/registry ... 24dd746e9b9f: Download complete 706766fe1019: Download complete a62a42e77c9c: Download complete 2c014f14d3d9: Download complete b7cf8f0d9e82: Download complete d0b170ebeeab: Download complete 171efc310edf: Download complete 522ed614b07a: Download complete 605ed9113b86: Download complete 22b93b23ebb9: Download complete 2ac557a88fda: Download complete 1f3b4c532640: Download complete 27ebaac643a7: Download complete ce630195cb45: Download complete Status: Downloaded newer p_w_picpath for docker.io/registry:latest [root@localhost ~]# docker p_w_picpaths REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE docker.io/registry latest 24dd746e9b9f 3 days ago 413.8 MB
三、基于私有仓库镜像运行容器
[root@localhost ~]# docker run -d -p 5000:5000 -v /opt/data/registry:/tmp/registry docker.io/registry bb2c0d442df94e281479332c2608ef144f378e71743c5410e36b80c465771a95 [root@localhost ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES bb2c0d442df9 docker.io/registry:latest "docker-registry" 10 seconds ago Up 7 seconds 0.0.0.0:5000->5000/tcp serene_hopper
四、访问私有仓库
[root@localhost ~]# curl 127.0.0.1:5000/v1/search
{"num_results": 0, "query": "", "results": []} //私有仓库为空,没有提交新镜像到仓库中
五、从Docker Hub上下载一个ssh镜像
[root@localhost ~]# docker search -s 10 ssh NAME DESCRIPTION STARS OFFICIAL AUTOMATED docker.io: docker.io/fedora/ssh 18 [OK] [root@localhost ~]# docker pull fedora/ssh Trying to pull repository docker.io/fedora/ssh ... 2aeb2b6d9705: Download complete 511136ea3c5a: Download complete 00a0c78eeb6d: Download complete 834629358fe2: Download complete 571e8a51403c: Download complete 87d5d42e693c: Download complete 92b5ef05fe68: Download complete 92d3910dc33c: Download complete cf2e9fa11368: Download complete Status: Downloaded newer p_w_picpath for docker.io/fedora/ssh:latest [root@localhost ~]# docker p_w_picpaths REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE docker.io/registry latest 24dd746e9b9f 3 days ago 413.8 MB docker.io/fedora/ssh latest 2aeb2b6d9705 9 days ago 254.4 MB
六、建立镜像连接或为基础镜像打个标签
[root@localhost ~]# docker tag docker.io/fedora/ssh 127.0.0.1:5000/ssh [root@localhost ~]# docker p_w_picpaths REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE docker.io/registry latest 24dd746e9b9f 3 days ago 413.8 MB docker.io/fedora/ssh latest 2aeb2b6d9705 9 days ago 254.4 MB 127.0.0.1:5000/ssh latest 2aeb2b6d9705 9 days ago 254.4 MB
七、修改Docker配置文件制定私有仓库url
[root@localhost ~]# vim /etc/sysconfig/docker 修改此行 OPTIONS='--selinux-enabled --insecure-registry 192.168.0.109:5000' [root@localhost ~]# service docker restart Redirecting to /bin/systemctl restart docker.service
八、提交镜像到本地私有仓库中
[root@localhost ~]# docker push 127.0.0.1:5000/ssh
The push refers to a repository [127.0.0.1:5000/ssh] (len: 1)
Sending p_w_picpath list
Pushing repository 127.0.0.1:5000/ssh (1 tags)
511136ea3c5a: Image successfully pushed
00a0c78eeb6d: Image successfully pushed
834629358fe2: Image successfully pushed
571e8a51403c: Image successfully pushed
87d5d42e693c: Image successfully pushed
92b5ef05fe68: Image successfully pushed
92d3910dc33c: Image successfully pushed
cf2e9fa11368: Image successfully pushed
2aeb2b6d9705: Image successfully pushed
Pushing tag for rev [2aeb2b6d9705] on {http://127.0.0.1:5000/v1/repositories/ssh/tags/latest}
九、查看私有仓库是否存在对应的镜像
[root@localhost ~]# curl 127.0.0.1:5000/v1/search
{"num_results": 1, "query": "", "results": [{"description": "", "name": "library/ssh"}]}
十、查看镜像的存储目录和文件
[root@localhost ~]# tree /opt/data/registry/repositories/ /opt/data/registry/repositories/ └── library └── ssh ├── _index_p_w_picpaths ├── json ├── tag_latest └── taglatest_json 2 directories, 4 files
3、从私有仓库中下载已有的镜像
一、登录另一台Docker客户端
[root@localhost ~]# ssh root@192.168.0.110 The authenticity of host '192.168.0.110 (192.168.0.110)' can't be established. ECDSA key fingerprint is 5b:81:4b:66:d6:dd:48:16:9f:85:58:72:21:bd:ba:39. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.0.110' (ECDSA) to the list of known hosts. root@192.168.0.110's password: Last login: Sun Apr 26 14:39:51 2015 from 192.168.0.103
二、修改Docker配置文件
[root@localhost ~]# vim /etc/sysconfig/docker 修改此行 OPTIONS='--selinux-enabled --insecure-registry 192.168.0.109:5000' //添加私有仓库地址 [root@localhost ~]# service docker restart Redirecting to /bin/systemctl restart docker.service
三、从私有仓库中下载已有的镜像
[root@localhost ~]# docker pull 192.168.0.109:5000/ssh Trying to pull repository 192.168.0.109:5000/ssh ... 2aeb2b6d9705: Download complete 511136ea3c5a: Download complete 00a0c78eeb6d: Download complete 834629358fe2: Download complete 571e8a51403c: Download complete 87d5d42e693c: Download complete 92b5ef05fe68: Download complete 92d3910dc33c: Download complete cf2e9fa11368: Download complete Status: Downloaded newer p_w_picpath for 192.168.0.109:5000/ssh:latest [root@localhost ~]# docker p_w_picpaths REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE 192.168.0.109:5000/ssh latest 2aeb2b6d9705 9 days ago 254.4 MB
4、浏览器访问仓库
