问题描述
我正在尝试使用以下图像设置私有 docker 注册表:https://github.com/docker/docker-registry
I'm trying to setup a private docker registry using the image taken from:https://github.com/docker/docker-registry
只需运行:docker run -p 5000:5000 注册表
我只能从本地主机拉/推到这个存储库,但是如果我尝试从另一台机器(使用同一局域网上的私有地址)访问它,它会失败并显示错误消息:
I can pull/push from/to this repository only from localhost, but if i try to access it from another machine (using a private address on the same LAN) it fails with an error message:
*2014/11/03 09:49:04 Error: Invalid registry endpoint https ://10.0.0.26:5000/v1/':
Get https:// 10.0.0.26:5000/v1/_ping: Forbidden. If this private
registry supports only HTTP or HTTPS with an unknown CA certificate,
please add `--insecure-registry 10.0.0.26:5000` to the daemon's
arguments. In the case of HTTPS, if you have access to the registry's
CA certificate, no need for the flag; simply place the CA certificate
at /etc/docker/certs.d/10.0.0.26:5000/ca.crt*
让我发疯的是我可以使用以下方法成功访问它:卷曲 10.0.0.26:5000
和/或 curl 10.0.0.26:5000/v1/search
What drives me crazy is that I can access it successfully using:curl 10.0.0.26:5000
and/or curl 10.0.0.26:5000/v1/search
我也不明白我应该在哪里以及如何传递 --insecure-registry
标志.
I also don't understand where and how I should pass the --insecure-registry
flag.
推荐答案
好的 - 经过一天的挖掘,我找到了解决方案.
OK - I found the solution to this - after a day of digging.
对于 1.12.1 以下的 docker:
事实证明,新的客户端版本拒绝使用没有 SSL 的私有注册表.
It turns out that the new client version refuses to work with a private registry without SSL.
要解决此问题 - 客户端计算机上的守护程序应使用不安全标志启动:
To fix this - the daemon on the client machine should be launched with the insecure flag:
只需输入:
sudo service docker stop # to stop the service
然后
sudo docker -d --insecure-registry 10.0.0.26:5000
(将 10.0.0.26
替换为您自己的 IP 地址).
(replace the 10.0.0.26
with your own ip address).
我希望 docker 人员将此选项添加到 pull/push 命令行...
I would expect the docker guys to add this option to the pull/push command line...
编辑 - 替代 - 您可以将标志添加到/etc/default/docker 内的 DOCKER_OPTS
环境变量...然后 sudo service docker restart
Edit - altenantively - you can add the flag to DOCKER_OPTS
env variable inside /etc/default/docker...and then sudo service docker restart
再次编辑 - 似乎 docker 人员正在处理它 - 很快就会有一个修复:https://github.com/docker/docker/pull/8935
Edit again - It seems that the docker guys are on it - and a fix will come soon:https://github.com/docker/docker/pull/8935
对于 docker 1.12.1:
请关注下面vikas027的回答(对centos有效)
Please follow below the answer of vikas027 (valid for centos)
这篇关于如何远程访问私有 docker-registry?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!