#--restart=always参数表示在docker服务重新启动时自动启动此容器 [root@docker ~]# docker run -d -p 5000:5000 --restart=always -v /opt/registry:/var/lib/registry registry [root@docker ~]# docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE registry latest b2cb11db9d3d 7 weeks ago 26.2MB nginx 1.14 295c7be07902 2 years ago 109MB ubuntu 15.10 9b9cb95443b5 5 years ago 137MB修改配置文件
#修改docker的配置文件,添加insecure-registries [root@docker ~]# vim /etc/docker/daemon.json { "registry-mirrors" : [ "https://registry.docker-cn.com", "https://docker.mirrors.ustc.edu.cn", "http://hub-mirror.c.163.com", "https://cr.console.aliyun.com/"], "insecure-registries":["192.168.88.101:5000"], #docker启动时,自动启动容器 "live-restore":true } #重新启动Docker [root@docker ~]# systemctl restart docker上传镜像至本地仓库
#1.镜像上传至仓库需要对上传的镜像名称进行更改[镜像格式:registry仓库地址:端口/项目名称/镜像名称] [root@docker ~]# docker image tag nginx 192.168.88.101:5000/tye/nginx:v1 [root@docker ~]# docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE 192.168.88.101:5000/tye/nginx v1 87a94228f133 8 days ago 133MB nginx latest 87a94228f133 8 days ago 133MB registry latest b2cb11db9d3d 7 weeks ago 26.2MB nginx 1.14 295c7be07902 2 years ago 109MB ubuntu 15.10 9b9cb95443b5 5 years ago 137MB #2.上传至本地仓库 [root@docker ~]# docker image push 192.168.88.101:5000/tye/nginx:v1克隆一台docker的虚拟机(docker2)来测试私有Registry
#清空docker2上所有的容器和镜像 [root@docker2 ~]# docker container rm -f `docker container ls -aq` [root@docker2 ~]# docker image rm -f `docker image ls -aq` #查看docker2主机的配置文件 [root@docker ~]# vim /etc/docker/daemon.json { "registry-mirrors" : [ "https://registry.docker-cn.com", "https://docker.mirrors.ustc.edu.cn", "http://hub-mirror.c.163.com", "https://cr.console.aliyun.com/"], "insecure-registries":["192.168.88.101:5000"] } #测试从docker1配置的本地registry中pull镜像到docker2主机上 [root@docker2 ~]# docker image pull 192.168.88.101:5000/tye/nginx:v1 v1: Pulling from tye/nginx b380bbd43752: Pull complete fca7e12d1754: Pull complete 745ab57616cb: Pull complete a4723e260b6f: Pull complete 1c84ebdff681: Pull complete 858292fd2e56: Pull complete Digest: sha256:7250923ba3543110040462388756ef099331822c6172a050b12c7a38361ea46f Status: Downloaded newer image for 192.168.88.101:5000/tye/nginx:v1 192.168.88.101:5000/tye/nginx:v1 [root@docker2 ~]# docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE 192.168.88.101:5000/tye/nginx v1 87a94228f133 8 days ago 133MB #pull之后同docker1本地仓库中的Image对比一下Image ID,相同表示pull镜像成功上传第二个镜像至本地Registry
#1.打标签 [root@docker1 ~]# docker tag tye/centos_lamp:v2 192.168.88.101:5000/tye/centos_lamp:v1 #2.上传 [root@docker1 ~]# docker image push 192.168.88.101:5000/tye/centos_lamp:v1在docker2上测试pull上传的镜像
[root@docker2 ~]# docker image pull 192.168.88.101:5000/tye/centos_lamp:v1 v1: Pulling from tye/centos_lamp 06a11a3d840d: Pull complete d889787eb63d: Pull complete ad1e076aaac9: Pull complete Digest: sha256:234565aeed6e953444dcc0226a06398b02caf6c962ea2581e9a0a7c808423f94 Status: Downloaded newer image for 192.168.88.101:5000/tye/centos_lamp:v1 192.168.88.101:5000/tye/centos_lamp:v1 [root@docker2 ~]# docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE 192.168.88.101:5000/tye/centos_lamp v1 cec4d57d1f5a 47 hours ago 440MB 192.168.88.101:5000/tye/nginx v1 87a94228f133 8 days ago 133MB本地仓库添加安全认证 生成密码(docker1)
[root@docker1 ~]# yum install -y httpd-tools [root@docker1 ~]# mkdir -p /opt/registry-auth [root@docker1 ~]# htpasswd -Bbn tye 123 >/opt/registry-auth/htpasswd [root@docker1 ~]# cat /opt/registry-auth/htpasswd tye:$2y$05$6LHld5TIci8Ws39YxXtcfuey6aS84M7nLnyUFZw.1JSDyXJMvdj7W重新启动带有密钥功能的registry容器
#删除历史容器 [root@docker1 ~]# docker container rm -f `docker container ls -aq` d48e73e11323 #启动带有密钥的registry容器 [root@docker1 ~]# docker container run -d -p 5000:5000 -v /opt/registry-auth/:/auth/ -v /opt/registry:/var/lib/registry -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" registry 6195b439bb80f7aac9dc7ce819991cb1709cec33420a67d3105bffe50e20dd4d测试push镜像
#测试上传镜像,提示需要认证 [root@docker1 ~]# docker image tag centos:7 192.168.88.101:5000/tye/centos:v1 [root@docker1 ~]# docker image push 192.168.88.101:5000/tye/centos:v1 The push refers to repository [192.168.88.101:5000/tye/centos] 174f56854903: Preparing no basic auth credentials #进行登录认证 [root@docker1 ~]# docker login 192.168.88.101:5000 Username: tye Password: WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded #重新上传镜像 [root@docker1 ~]# docker image push 192.168.88.101:5000/tye/centos:v1 The push refers to repository [192.168.88.101:5000/tye/centos] 174f56854903: Pushed v1: digest: sha256:dead07b4d8ed7e29e98de0f4504d87e8880d4347859d839686a31da35a3b532f size: 529在docker2上测试pull镜像
#没有认证前,pull提示需要认证 [root@docker2 ~]# docker image pull 192.168.88.101:5000/tye/centos:v1 Error response from daemon: Head "http://192.168.88.101:5000/v2/tye/centos/manifests/v1": no basic auth credentials #登录认证 [root@docker2 ~]# docker login 192.168.88.101:5000 Username: tye Password: WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded [root@docker2 ~]# docker image pull 192.168.88.101:5000/tye/centos:v1 v1: Pulling from tye/centos 2d473b07cdd5: Pull complete Digest: sha256:dead07b4d8ed7e29e98de0f4504d87e8880d4347859d839686a31da35a3b532f Status: Downloaded newer image for 192.168.88.101:5000/tye/centos:v1 192.168.88.101:5000/tye/centos:v1图形化的本地Registry(Habor)
#安装habor依赖--docker-compose [root@docker1 ~]# yum install -y docker-compose #下载Harbor安装包 [github下载链接-Habor](https://github.com/goharbor/harbor/releases) [Habor下载链接](https://storage.googleapis.com/harbor-releases/harbor-offline-installer-v1.6.1.tgz) #上传habor文件至/opt目录 [root@docker1 opt]# ll -h total 628M drwx--x--x 4 root root 28 Oct 15 21:07 containerd drwxr-xr-x 5 root root 54 Oct 20 11:18 dockerfile -rw-r--r-- 1 root root 628M Oct 20 20:56 harbor-offline-installer-v1.6.1.tgz #解压文件 [root@docker1 opt]# tar xf harbor-offline-installer-v1.6.1.tgz #修改habor目录下的habor.cfg配置文件 [root@docker1 opt]# cd harbor [root@docker1 harbor]# vim harbor.cfg hostname = 192.168.88.101 habor_admin_password = 123456 #执行install.sh [root@docker1 harbor]# ./install.sh #Habor安装完成后,会启动以下容器 [root@docker1 harbor]# docker container ls ConTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 9fe1def580b2 goharbor/harbor-jobservice:v1.6.1 "/harbor/start.sh" 42 seconds ago Up 42 seconds harbor-jobservice 4e9896a8ae49 goharbor/nginx-photon:v1.6.1 "nginx -g 'daemon of…" 42 seconds ago Up 42 seconds (healthy) 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp, 0.0.0.0:4443->4443/tcp, :::4443->4443/tcp nginx 2bb58580368e goharbor/harbor-ui:v1.6.1 "/harbor/start.sh" 43 seconds ago Up 42 seconds (healthy) harbor-ui a0de841f970e goharbor/harbor-db:v1.6.1 "/entrypoint.sh post…" 43 seconds ago Up 42 seconds (healthy) 5432/tcp harbor-db 54068fa00170 goharbor/registry-photon:v2.6.2-v1.6.1 "/entrypoint.sh /etc…" 43 seconds ago Up 42 seconds (healthy) 5000/tcp registry d2fb28f1a0a9 goharbor/harbor-adminserver:v1.6.1 "/harbor/start.sh" 43 seconds ago Up 38 seconds (healthy) harbor-adminserver a21f64d69629 goharbor/redis-photon:v1.6.1 "docker-entrypoint.s…" 43 seconds ago Up 43 seconds 6379/tcp redis 14c81ab376e9 goharbor/harbor-log:v1.6.1 "/bin/sh -c /usr/loc…" 44 seconds ago Up 43 seconds (healthy) 127.0.0.1:1514->10514/tcp harbor-log通过Opera浏览器打开网页访问Habor(使用admin用户和habor.cf中配置的密码(habor_admin_password = 123456)登录即可) 登录成功后出现以下页面
欢迎分享,转载请注明来源:内存溢出
评论列表(0条)