去docker hub下载镜像比较慢,而且自己内部的镜像一般要求对速度和安全性要求较高,于是就可以考虑搭建本地仓库registry来实现,下边简单介绍下步骤。
环境:centos 7.2
1,安装docker
yum install docker -y
systemctl start docker.service
systemctl enable docker.service
2,搭建仓库
下载registry
docker search registry
[root@docker5 registry]# docker search registry INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED docker.io docker.io/registry Containerized docker registry 894 [OK] docker.io docker.io/konradkleine/docker-registry-frontend Browse and modify your Docker registry in ... 99 [OK] docker.io docker.io/atcol/docker-registry-ui A web UI for easy private/local Docker Reg... 79 [OK] docker.io docker.io/distribution/registry WARNING: NOT the registry official image!!... 38 [OK] docker.io docker.io/samalba/docker-registry 36 [OK] docker.io docker.io/hyper/docker-registry-web Web UI for private docker registry v2. 28 [OK] docker.io docker.io/marvambass/nginx-registry-proxy Docker Registry Reverse Proxy with Basic A... 27 [OK] docker.io docker.io/h3nrik/registry-ldap-auth LDAP and Active Directory authentication p... 12 [OK] docker.io docker.io/jhipster/jhipster-registry JHipster Registry, based on Netflix Eureka... 6 [OK] [root@docker5 registry]# docker pull docker.io/registry 等待下载完成。
搭建仓库:
docker run -d -p 5000:5000 -v /home/registry:/tmp/registry registry
默认情况下docker会将仓库存放于容器的 /tmp/registry 目录下,可以通过 -v 参数来将镜像文件保存到我们指定的路径。
查看是否运行:
[root@docker5 registry]# netstat -tunlp | grep 5000 tcp6 0 0 :::5000 :::* LISTEN 3791/docker-proxy
更改一个标签:
docker tag mysql:latest 192.168.2.75:5000/mysql20160615
上传测试镜像到本地仓库:
docker push 192.168.2.75:5000/mysql20160615
这里如果是已经创建了https可以操作成功过,如果是http会报错。原因是Docker从1.3.X之后默认docker registry使用的是https,所以当用docker pull命令下载远程镜像时,如果远程docker registry是非https的时候就会报上面的错误。解决办法:
vi /etc/docker/daemon.json 如果之前没有这个文件,需要新建。
<strong>{ "insecure-registries":["192.168.2.75:5000"] }</strong>
设置以后重启docker和对应容器,重新push一下,成功。
[root@docker5 registry]# docker push 192.168.2.75:5000/testimage
The push refers to a repository [192.168.2.75:5000/testimage] (len: 1)
Sending image list
Pushing repository 192.168.2.75:5000/testimage (1 tags)
3690474eb5b4: Image successfully pushed
b48a20c39b28: Image successfully pushed
c79ebe41b35a: Image successfully pushed
2a332da70fd1: Image successfully pushed
Pushing tag for rev [2a332da70fd1] on {http://192.168.2.75:5000/v1/repositories/testimage/tags/latest}
本地仓库以及url查看状态:
[root@docker5 registry]# ll
total 4
drwxr-xr-x. 6 root root 4096 Jun 22 14:27 images
drwxr-xr-x. 3 root root 20 Jun 22 14:27 repositories
[root@docker5 registry]# du -sh ./*
68M ./images
16K ./repositories
[root@docker5 registry]# curl http://192.168.2.75:5000/v1/search
{"num_results": 1, "query": "", "results": [{"description": "", "name": "library/testimage"}]}[root@docker5 registry]#
本地仓库镜像下载测试验证:
进入另外一台内网机器进行镜像下载测试,比如我的另外一台测试机:192.168.2.76,操作如下:
首先进入修改docker配置文件并重启
OPTIONS='--selinux-enabled --insecure-registry 192.168.2.75:5000' 其中--insecure-registry 192.168.2.75:5000是自己添加的本地仓库地址。
pull过程如下:
[root@docker6 ~]# systemctl restart docker [root@docker6 ~]# docker images REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE [root@docker6 ~]# docker pull 192.168.2.75:5000/testimage Using default tag: latest 2a332da70fd1: Download complete 3690474eb5b4: Download complete b48a20c39b28: Download complete c79ebe41b35a: Download complete Status: Downloaded newer image for 192.168.2.75:5000/testimage:latest 192.168.2.75:5000/testimage: this image was pulled from a legacy registry. Important: This registry version will not be supported in future versions of docker. [root@docker6 ~]# docker images REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE 192.168.2.75:5000/testimage latest 2a332da70fd1 2 weeks ago 196.7 MB
没有问题,本地仓库搭建成功。