私有仓库的搭建

下载registry镜像

[root@toto6 images]# docker pull registery:2

[root@toto6 images]# docker images registry
REPOSITORY TAG IMAGE ID CREATED SIZE
registry 2 f32a97de94e1 4 months ago 25.8MB=

运行此容器

[root@toto6 images]# docker run -d --name registry -p 5000:5000 -v /opt/registry:/var/lib/registry registry:2
##创建并运行容器,设置数据卷,并做端口映射
1
2
查看容器运行运行情况以及映射端口开启情况:

[root@toto6 images]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
bc3bcd6346f4 registry:2 “/entrypoint.sh /etc…” About a minute ago Up About a minute 0.0.0.0:5000->5000/tcp registry
[root@toto6 images]# netstat -antlp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 656/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 778/master
tcp 0 0 172.25.13.160:22 172.25.13.250:57074 ESTABLISHED 2036/sshd: root@pts
tcp6 0 0 :::22 ::😗 LISTEN 656/sshd
tcp6 0 0 ::1:25 ::😗 LISTEN 778/master
tcp6 0 0 :::5000 ::😗 LISTEN 19841/docker-proxy

上传镜像到本地仓库

再上传镜像的时候,一般会默认上传到docker hub官方仓库,现在需要上传到本地自己创建的仓库,需要指定上传的地址以及端口。如果使用ip默认使用tls加密,目前没有设置,所有直接指定到本机的端口。

需要对本地需要进行上传的镜像进行修改标签:

[root@toto6 images]# docker tag nginx:latest localhost:5000/nginx
[root@toto6 images]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx v4 cb475e8f4412 4 hours ago 23.7MB
nginx latest f68d6e55e065 11 days ago 109MB
localhost:5000/nginx latest f68d6e55e065 11 days ago 109MB
registry 2 f32a97de94e1 4 months ago 25.8MB
rhel7 latest 0a3eb3fde7fd 5 years ago 140MB
gcr.io/distroless/base latest 9a255d5fe262 49 years ago 16.8MB

上传修改过标签的镜像到本地仓库:

[root@toto6 images]# docker push localhost:5000/nginx # 上传
The push refers to repository [localhost:5000/nginx]
d2f0b6dea592: Pushed
197c666de9dd: Pushed
cf5b3c6798f7: Pushed
latest: digest: sha256:00be67d6ba53d5318cd91c57771530f5251cfbe028b7be2c4b70526f988cfc9f size: 948
[root@toto6 images]# curl localhost:5000/v2/_catalog # 核实是否上传成功
{“repositories”:[“nginx”]}

查看其数据卷挂载点

运行容器的时候,设置了数据卷,可以子阿宿主机查看上传的结果:

[root@toto6 images]# cd /opt/registry/
[root@toto6 registry]# ls
docker
[root@toto6 registry]# cd docker/
[root@toto6 docker]# ls
registry
[root@toto6 docker]# cd registry/
[root@toto6 registry]# ls
v2
[root@toto6 registry]# cd v2/
[root@toto6 v2]# ls
blobs repositories
[root@toto6 v2]# cd repositories/
[root@toto6 repositories]# ls
nginx

此时创建的私有仓库远程主机无法使用,并且不够安全,此时则可以采用私有仓库加证书加密的方式来创建私有仓库

07-18 05:36