一、搭建私有倉庫
#環境
Ip 192.168.0.34
X86雲主機
[root@lh-2 /]# uname -a Linux lh-2 3.10.0-327.13.1.el7.x86_64 #1 SMP Thu Mar 31 16:04:38 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
操作系統
[root@lh-2 data]# cat /etc/redhat-release CentOS Linux release 7.2.1511 (Core)
#拉registry鏡像,運行一個容器
[root@lh-2 ~]# sudo docker pull registry [root@lh-2 ~]# sudo docker run -d -p 5000:5000 -v /opt/data/registry:/tmp/registry registry
#拉busybox鏡像,打標簽
[root@lh-2 ~]# sudo docker pull busybox [root@lh-2 ~]# sudo docker tag busybox 192.168.0.34:5000/busybox
#提交鏡像到私有倉庫
[root@lh-2 ~]# sudo docker push 192.168.0.34:5000/busybox The push refers to a repository [192.168.0.34:5000/busybox] unable to ping registry endpoint https://192.168.0.34:5000/v0/ v2 ping attempt failed with error: Get https://192.168.0.34:5000/v2/: dial tcp 192.168.0.34:5000: getsockopt: connection refused v1 ping attempt failed with error: Get https://192.168.0.34:5000/v1/_ping: dial tcp 192.168.0.34:5000: getsockopt: connection refused
因為Docker從1.3.x之后,與docker registry交互默認使用的是https,但是此處搭建私有倉庫卻只提供http服務,所以當和私有倉庫交互時報上述錯誤。因此需要在啟動docker server時增加啟動參數為默認使用http訪問。
#若無問題,直接查看倉庫鏡像
[root@lh-2 data]# curl -XGET 192.168.0.34:5000/v2/_catalog
二、FAQ
#上面push鏡像是報錯,docker配置文件中添加如下一行:
[root@lh-2 ~]# vi /etc/sysconfig/docker # If you have a registry secured with https but do not have proper certs # distributed, you can tell docker to not look for full authorization by # adding the registry to the INSECURE_REGISTRY line and uncommenting it. # INSECURE_REGISTRY='--insecure-registry' INSECURE_REGISTRY='--insecure-registry=192.168.0.34:5000'
#重啟docker服務
[root@lh-2 ~]# systemctl restart docker.service Warning: docker.service changed on disk. Run 'systemctl daemon-reload' to reload units.
[root@lh-2 ~]# sudo docker push 192.168.0.34:5000/busybox The push refers to a repository [192.168.0.34:5000/busybox] Put http://192.168.0.34:5000/v1/repositories/busybox/: dial tcp 192.168.0.34:5000: getsockopt: connection refused
注:連接拒絕。報錯后面可以看到是因為未啟動容器,不過此時配置文件未生效。
[root@lh-2 ~]# ps -aux|grep docker root 32050 1.3 0.4 559440 32500 ? Ssl 06:16 0:00 /usr/bin/docker-current daemon --exec-opt native.cgroupdriver=systemd --selinux-enabled --log-driver=journald --insecure-registry=192.168.0.34:5000 root 32123 0.2 0.1 124140 15712 ? Sl 06:16 0:00 docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 8000 -container-ip 172.17.0.2 -container-port 8080 root 32307 0.0 0.0 112648 972 pts/3 S+ 06:17 0:00 grep --color=auto docker
注:根據輸出可以看出我們更改配置文件並沒有生效
#修改docker配置文件,使其重啟服務能生效
[root@lh-2 ~]# vi /usr/lib/systemd/system/docker.service [Unit] Description=Docker Application Container Engine Documentation=http://docs.docker.com After=network.target rhel-push-plugin.socket Wants=docker-storage-setup.service [Service] Type=notify NotifyAccess=all EnvironmentFile=-/etc/sysconfig/docker EnvironmentFile=-/etc/sysconfig/docker-storage EnvironmentFile=-/etc/sysconfig/docker-network Environment=GOTRACEBACK=crash ExecStart=/usr/bin/docker-current daemon \ --exec-opt native.cgroupdriver=systemd \ $OPTIONS \ $DOCKER_STORAGE_OPTIONS \ $DOCKER_NETWORK_OPTIONS \ $ADD_REGISTRY \ $BLOCK_REGISTRY \ $INSECURE_REGISTRY LimitNOFILE=1048576 LimitNPROC=1048576 LimitCORE=infinity TimeoutStartSec=0 MountFlags=slave Restart=on-abnormal [Install] WantedBy=multi-user.target
#重啟docker服務,查看修改配置是否寫入
[root@lh-2 ~]# systemctl daemon-reload [root@lh-2 ~]# systemctl restart docker [root@lh-2 ~]# ps -aux|grep docker root 6401 2.8 0.3 559696 30164 ? Ssl 06:23 0:00 /usr/bin/docker-current daemon --exec-opt native.cgroupdriver=systemd --selinux-enabled --log-driver=journald --insecure-registry=192.168.0.34:5000 root 6748 0.5 0.2 123084 17492 ? Sl 06:23 0:00 docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 8000 -container-ip 172.17.0.2 -container-port 8080 root 6897 0.0 0.0 112652 968 pts/3 S+ 06:23 0:00 grep --color=auto docker
#前面提交到私有倉庫報錯
[root@lh-2 ~]# sudo docker push 192.168.0.34:5000/busybox The push refers to a repository [192.168.0.34:5000/busybox] Put http://192.168.0.34:5000/v1/repositories/busybox/: dial tcp 192.168.0.34:5000: getsockopt: connection refused [root@lh-2 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b57ed47acdc1 rancher/swarm-agent:v0.1.3 "swarm-agent" 13 minutes ago Up 13 minutes r-Swarm_swarm-agent_1 6cb333619b90 registry "/entrypoint.sh /etc/" 2 hours ago Exited (2) About an hour ago pensive_lovelace [root@lh-2 ~]# docker start 6cb333619b90 6cb333619b90 [root@lh-2 ~]# sudo docker push 192.168.0.34:5000/busybox The push refers to a repository [192.168.0.34:5000/busybox] 8ac8bfaff55a: Pushed latest: digest: sha256:a59906e33509d14c036c8678d687bd4eec81ed7c4b8ce907b888c607f6a1e0e6 size: 505
原因:未開啟registry鏡像容器。
#進入容器報錯
[root@lh-2 ~]# docker exec -it 6cb333619b90 /bin/bash exec: "/bin/bash": stat /bin/bash: no such file or directory
原因:不支持bash
#進入容器查看鏡像存儲
[root@lh-2 ~]# docker exec -it 6cb333619b90 /bin/sh / # / # ls bin entrypoint.sh home linuxrc mnt root sbin sys usr dev etc lib media proc run srv tmp var / # cd tmp/registry/ /tmp/registry # ls /tmp/registry # ls
[root@lh-2 ~]# sudo docker run 192.168.0.34:5000/busybox [root@lh-2 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e7a80ce00dbe 192.168.0.34:5000/busybox "sh" 9 seconds ago Exited (0) 7 seconds ago [root@lh-2 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE192.168.0.34:5000/busybox latest 2b8fd9751c4c 10 weeks ago 1.093 MB
感覺寫一起有些太長了,再來一篇吧
https://www.cnblogs.com/zeppelin/p/5906435.html
歡迎掃碼關注下面公眾號,定期分享大數據與知識圖譜相關知識點,讀書思考。
