centos7 docker私有倉庫搭建

習Docker的過程中Docker的私有倉庫一直沒能成功，就是因為CentOS 6.x和CentOS 7默認引入了支持https認證，每次在push和pull的時候都會報錯，今天是周末，利用一天的時間反復測試和網上案列的整合，總算是成功了，也借此機會對學習Docker的朋友有所幫助。
個人的愚見：博友在練習的時候建議用CentOS 7.x系統，不建議用CentOS 6.x系統

一、准備
地址規划：
Docker私有倉庫地址：192.168.0.109
Docker客戶端地址：192.168.0.110
1、激活網卡
# vim /etc/sysconfig/network-scripts/ifcfg-eno16777728
修改此行
ONBOOT=yes
# /etc/init.d/network restart
2、關閉本地防火牆並設置開機不自啟動
# systemctl stop firewalld.service
# systemctl disable firewalld.service
3、關閉本地selinux防火牆

# vi /etc/sysconfig/selinux
SELINUX=disabled
# setenforce 0
4、安裝ifconfig工具

# yum install net-tools
二、安裝
1、安裝docker
# yum install docker
# yum upgrade device-mapper-libs
# service docker start
# chkconfig docker on
2、本地私有倉庫registry
[root@localhost ~]# docker pull registry
Trying to pull repository docker.io/registry ...
24dd746e9b9f: Download complete
706766fe1019: Download complete
a62a42e77c9c: Download complete
2c014f14d3d9: Download complete
b7cf8f0d9e82: Download complete
d0b170ebeeab: Download complete
171efc310edf: Download complete
522ed614b07a: Download complete
605ed9113b86: Download complete
22b93b23ebb9: Download complete
2ac557a88fda: Download complete
1f3b4c532640: Download complete
27ebaac643a7: Download complete
ce630195cb45: Download complete
Status: Downloaded newer image for docker.io/registry:latest
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
docker.io/registry latest 24dd746e9b9f 3 days ago 413.8 MB
3、基於私有倉庫鏡像運行容器
[root@localhost ~]# docker run -d -p 5000:5000 -v /opt/data/registry:/tmp/registry docker.io/registry
bb2c0d442df94e281479332c2608ef144f378e71743c5410e36b80c465771a95
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
bb2c0d442df9 docker.io/registry:latest "docker-registry" 10 seconds ago Up 7 seconds 0.0.0.0:5000->5000/tcp serene_hopper
4、訪問私有倉庫
[root@localhost ~]# curl 127.0.0.1:5000/v1/search
{"num_results": 0, "query": "", "results": []} //私有倉庫為空，沒有提交新鏡像到倉庫中
5、從Docker Hub上下載一個ssh鏡像
[root@localhost ~]# docker search -s 10 ssh
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
docker.io: docker.io/fedora/ssh 18 [OK]
[root@localhost ~]# docker pull fedora/ssh
Trying to pull repository docker.io/fedora/ssh ...
2aeb2b6d9705: Download complete
511136ea3c5a: Download complete
00a0c78eeb6d: Download complete
834629358fe2: Download complete
571e8a51403c: Download complete
87d5d42e693c: Download complete
92b5ef05fe68: Download complete
92d3910dc33c: Download complete
cf2e9fa11368: Download complete
Status: Downloaded newer image for docker.io/fedora/ssh:latest
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
docker.io/registry latest 24dd746e9b9f 3 days ago 413.8 MB
docker.io/fedora/ssh latest 2aeb2b6d9705 9 days ago 254.4 MB
6、創建鏡像鏈接或為基礎鏡像打個標簽
[root@localhost ~]# docker tag docker.io/fedora/ssh 127.0.0.1:5000/ssh
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
docker.io/registry latest 24dd746e9b9f 3 days ago 413.8 MB
docker.io/fedora/ssh latest 2aeb2b6d9705 9 days ago 254.4 MB
127.0.0.1:5000/ssh latest 2aeb2b6d9705 9 days ago 254.4 MB
7、修改Docker配置文件制定私有倉庫url
[root@localhost ~]# vim /etc/sysconfig/docker
修改此行
OPTIONS='--selinux-enabled --insecure-registry 192.168.0.109:5000'
[root@localhost ~]# service docker restart
Redirecting to /bin/systemctl restart docker.service
8、提交鏡像到本地私有倉庫中
[root@localhost ~]# docker push 127.0.0.1:5000/ssh
The push refers to a repository [127.0.0.1:5000/ssh] (len: 1)
Sending image list
Pushing repository 127.0.0.1:5000/ssh (1 tags)
511136ea3c5a: Image successfully pushed
00a0c78eeb6d: Image successfully pushed
834629358fe2: Image successfully pushed
571e8a51403c: Image successfully pushed
87d5d42e693c: Image successfully pushed
92b5ef05fe68: Image successfully pushed
92d3910dc33c: Image successfully pushed
cf2e9fa11368: Image successfully pushed
2aeb2b6d9705: Image successfully pushed
Pushing tag for rev [2aeb2b6d9705] on {http://127.0.0.1:5000/v1/repositories/ssh/tags/latest}
9、查看私有倉庫是否存在對應的鏡像
[root@localhost ~]# curl 127.0.0.1:5000/v1/search
{"num_results": 1, "query": "", "results": [{"description": "", "name": "library/ssh"}]}
10、查看鏡像的存儲目錄和文件
[root@localhost ~]# tree /opt/data/registry/repositories/
/opt/data/registry/repositories/
└── library
└── ssh
├── _index_images
├── json
├── tag_latest
└── taglatest_json

2 directories, 4 files
三、從私有倉庫中下載已有的鏡像
1、登陸另外一台Docker客戶端
[root@localhost ~]# ssh root@192.168.0.110
The authenticity of host '192.168.0.110 (192.168.0.110)' can't be established.
ECDSA key fingerprint is 5b:81:4b:66:d6:dd:48:16:9f:85:58:72:21:bd:ba:39.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.110' (ECDSA) to the list of known hosts.
root@192.168.0.110's password:
Last login: Sun Apr 26 14:39:51 2015 from 192.168.0.103
2、修改Docker配置文件
[root@localhost ~]# vim /etc/sysconfig/docker
修改此行
OPTIONS='--selinux-enabled --insecure-registry 192.168.0.109:5000' //添加私有倉庫地址
[root@localhost ~]# service docker restart
Redirecting to /bin/systemctl restart docker.service
3、從私有倉庫中下載已有的鏡像
[root@localhost ~]# docker pull 192.168.0.109:5000/ssh
Trying to pull repository 192.168.0.109:5000/ssh ...
2aeb2b6d9705: Download complete
511136ea3c5a: Download complete
00a0c78eeb6d: Download complete
834629358fe2: Download complete
571e8a51403c: Download complete
87d5d42e693c: Download complete
92b5ef05fe68: Download complete
92d3910dc33c: Download complete
cf2e9fa11368: Download complete
Status: Downloaded newer image for 192.168.0.109:5000/ssh:latest
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
192.168.0.109:5000/ssh latest 2aeb2b6d9705 9 days ago 254.4 MB
四、瀏覽器訪問倉庫