搭建私有docker仓库并使用OSS作为存储

本文主要是演示如果快速搭建一个私有的docker仓库，并且使用OSS作为存储，docker的用法以及docker仓库的更多设置，不在本文讨论范围

安装docker-engine

以 centos 7 为例

yum update

tee /etc/yum.repos.d/docker.repo <<-'EOF'
[dockerrepo]
name=Docker Repository
baseurl=https://yum.dockerproject.org/repo/main/centos/7/
enabled=1
gpgcheck=1
gpgkey=https://yum.dockerproject.org/gpg
EOF

yum install docker-engine

systemctl enable docker.service
systemctl start docker
systemctl docker status

编辑配置文件

• endpoint：访问oss的链接，主要分为公网、经典网络内网和VPC下内网，构成方式为bucket+各个endpoint OSS region和endpoint详细列表
• region：Region英文表示
• bucket：OSS的bucket名称

假设OSS是在美西，bucket是t-docker-registry，通过经典网络内网访问OSS，下面是一个基础版的完整配置
配置文件详细说明

version: 0.1
log:
    fields:
    service: registry
storage:
    cache:
    blobdescriptor: inmemory
    oss:
    accesskeyid: ${accesskeyid}
    accesskeysecret: ${accesskeysecret}
    secure: false
    region: oss-us-west-1
    endpoint: t-docker-registry.oss-us-west-1-internal.aliyuncs.com
    bucket: t-docker-registry
http:
  addr: :5000
  headers:
    X-Content-Type-Options: [nosniff]
health:
    storagedriver:
    enabled: true
    interval: 10s
    threshold: 3

启动任务

配置文件路径 /root/docker-registry/config-registry.yml

启动docker仓库

docker run -d -p 5000:5000 --restart=always --name registry -v /root/docker-registry/config-registry.yml:/etc/docker/registry/config.yml registry:2

测试本地仓库

获取一个docker image

docker pull hello-world

修改tag

docker tag hello-world 127.0.0.1:5000/hello-world

推送镜像到本地仓库

docker push 127.0.0.1:5000/hello-world

推送成功后返回类似如下信息

[root@host docker-registry]# docker push 127.0.0.1:5000/hello-world
The push refers to a repository [127.0.0.1:5000/hello-world]
a02596fdd012: Mounted from hello-world
latest: digest: sha256:a18ed77532f6d6781500db650194e0f9396ba5f05f8b50d4046b294ae5f83aa4 size: 524
[root@host docker-registry]#

同时在OSS控制台对应的bucket下面可以看到创建了相应的文件

测试拉去image，先删除本地的image

docker rmi 127.0.0.1:5000/hello-world

查看本地image仓库，里面已经没有了127.0.0.1:5000/hello-world

docker images

从本地docker仓库拉去 127.0.0.1:5000/hello-world

docker pull 127.0.0.1:5000/hello-world

成功后返回类似如下信息

[root@host docker-registry]# docker pull 127.0.0.1:5000/hello-world
Using default tag: latest
latest: Pulling from hello-world
Digest: sha256:a18ed77532f6d6781500db650194e0f9396ba5f05f8b50d4046b294ae5f83aa4
Status: Downloaded newer image for 127.0.0.1:5000/hello-world:latest

查看本地image仓库，里面已经有了127.0.0.1:5000/hello-world

docker images