registry的远程访问

registry的远程访问

关注
发信
关注(28)粉丝(399)

如何获得对私有docker-registry的远程访问?

本文介绍了如何获得对私有docker-registry的远程访问?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试使用从以下位置获取的图像来设置私有Docker注册表:

I'm trying to setup a private docker registry using the image taken from:https://github.com/docker/docker-registry

只需运行:

docker run -p 5000:5000 Registry

我只能从本地主机从该存储库中拉入/推送到该存储库,但是如果我尝试从另一台计算机(使用专用计算机)访问它地址在同一LAN上)失败,并显示错误消息:

I can pull/push from/to this repository only from localhost, but if i try to access it from another machine (using a private address on the same LAN) it fails with an error message:

*2014/11/03 09:49:04 Error: Invalid registry endpoint https ://10.0.0.26:5000/v1/':
Get https:// 10.0.0.26:5000/v1/_ping: Forbidden. If this private
registry supports only HTTP or HTTPS with an unknown CA certificate,
please add `--insecure-registry 10.0.0.26:5000` to the daemon's
arguments. In the case of HTTPS, if you have access to the registry's
CA certificate, no need for the flag; simply place the CA certificate
at /etc/docker/certs.d/10.0.0.26:5000/ca.crt*

让我发疯的是我可以使用以下命令成功访问它:
curl 10.0.0.26:5000
和/或 curl 10.0.0.26:5000/v1/search

What drives me crazy is that I can access it successfully using:curl 10.0.0.26:5000and/or curl 10.0.0.26:5000/v1/search

我也不知道应该在哪里以及如何使用通过-不安全的注册表标志。

I also don't understand where and how I should pass the --insecure-registry flag.

推荐答案

确定-我经过一天的挖掘,找到了解决方案。

OK - I found the solution to this - after a day of digging.

对于低于1.12.1的码头工人:

事实证明,新的客户端版本拒绝使用没有SSL的私有注册表。

It turns out that the new client version refuses to work with a private registry without SSL.

要解决此问题,客户端计算机上的守护程序应用不安全的标志启动:

To fix this - the daemon on the client machine should be launched with the insecure flag:

只需输入类型:

sudo service docker stop # to stop the service

然后

sudo docker -d --insecure-registry 10.0.0.26:5000

(将 10.0.0.26 替换为您自己的IP地址)。

(replace the 10.0.0.26 with your own ip address).

我希望码头工人将这个选项添加到pull / push命令行中...

I would expect the docker guys to add this option to the pull/push command line...

编辑-经常-您可以将标志添加到/ etc / default / docker中的 DOCKER_OPTS env变量...
然后 sudo service docker restart

Edit - altenantively - you can add the flag to DOCKER_OPTS env variable inside /etc/default/docker...and then sudo service docker restart

再次编辑-似乎是Docker家伙在上面-很快就会有一个修复:

Edit again - It seems that the docker guys are on it - and a fix will come soon:https://github.com/docker/docker/pull/8935

对于docker 1.12.1:

请遵循以下vikas027的答案(适用于centos )

Please follow below the answer of vikas027 (valid for centos)

这篇关于如何获得对私有docker-registry的远程访问?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

07-20 21:49
Powered by LMLPHP ©2024 registry的远程访问 0.042951