作者:尹正杰
版权声明:原创作品,谢绝转载!否则将追究法律责任。
本篇博客将介绍通过官方提供的docker registry 镜像来简单搭建一套本地私有仓库环境,生产环境中很少有人使用docker registry,因为它没有管理界面,这一点对于运维人员并不友好,而对于开发人员其实有没有管理界面都无所谓。
一.Docker Registry概述
Docker Registry作为Docker的核心组件之一负责镜像内容的存储和分发,客户端的docker pull以及push命令都将直接与registry进行交互。
最初版本的registry由python实现,由于设计初期在安全性,性能以及API的设计上有着诸多的缺陷,该版本在0.9之后停止了开发,由新的项目distribution(新docker register被称为Distribution)来重新设计并开发下一代registry,新的项目由Golang开发。
所有的API,底层存储方式,系统架构都进行了全方面的重新设计以解决上一代registry中存在的问题日,2016年4月份registry 2.0正式发布,docker 1.6版本开始支持registry 2.0,而八月份随着docker 1.8发布,docker hub正式启用2.1版本registry全面替代之前版本registry,新版registry对镜像存储格式进行了重新设计并和旧版本不兼容,docker 1.5和之前的版本无法读取2.0的镜像。
另外,Registry 2.4版本之后支持了回收站机制,也就是可以删除镜像了,在2.4版本之前是无法支持删除镜像的,所以如果你要使用最好是大于Registry 2.4版本的哟~
二.搭建单机仓库
1>.下载Docker Registry镜像
[root@docker101.yinzhengjie.org.cn ~]# docker image pull registry
Using default tag: latest
latest: Pulling from library/registry
486039affc0a: Pull complete
ba51a3b098e6: Pull complete
8bb4c43d6c8e: Pull complete
6f5f453e5f2d: Pull complete
42bc10b72f42: Pull complete
Digest: sha256:7d081088e4bfd632a88e3f3bcd9e007ef44a796fddfe3261407a3f9f04abe1e7
Status: Downloaded newer image for registry:latest
docker.io/library/registry:latest
[root@docker101.yinzhengjie.org.cn ~]#
2>.创建授权使用目录
[root@docker101.yinzhengjie.org.cn ~]# mkdir -pv /yinzhengjie/data/docker/auth
mkdir: created directory ‘/yinzhengjie/data’
mkdir: created directory ‘/yinzhengjie/data/docker’
mkdir: created directory ‘/yinzhengjie/data/docker/auth’
[root@docker101.yinzhengjie.org.cn ~]#
3>.创建创建用户名和密码
[root@docker101.yinzhengjie.org.cn ~]# cd /yinzhengjie/data/docker/
[root@docker101.yinzhengjie.org.cn /yinzhengjie/data/docker]#
[root@docker101.yinzhengjie.org.cn /yinzhengjie/data/docker]# ll
total 0
drwxr-xr-x 2 root root 6 Jan 27 18:21 auth
[root@docker101.yinzhengjie.org.cn /yinzhengjie/data/docker]#
[root@docker101.yinzhengjie.org.cn /yinzhengjie/data/docker]# docker run --entrypoint htpasswd registry -Bbn jason 2020 > auth/htpasswd
[root@docker101.yinzhengjie.org.cn /yinzhengjie/data/docker]#
[root@docker101.yinzhengjie.org.cn /yinzhengjie/data/docker]#
[root@docker101.yinzhengjie.org.cn /yinzhengjie/data/docker]# ll auth/
total 4
-rw-r--r-- 1 root root 68 Jan 27 18:21 htpasswd
[root@docker101.yinzhengjie.org.cn /yinzhengjie/data/docker]#
[root@docker101.yinzhengjie.org.cn /yinzhengjie/data/docker]#
[root@docker101.yinzhengjie.org.cn /yinzhengjie/data/docker]# cat auth/htpasswd
jason:$2y$05$Gzol9U5vYUMe2kEaUEj03OA2bAKnhK3CnZJFOzv2ljAqrawW/db4e
[root@docker101.yinzhengjie.org.cn /yinzhengjie/data/docker]#
[root@docker101.yinzhengjie.org.cn /yinzhengjie/data/docker]#
4>.启动docker registry
[root@docker101.yinzhengjie.org.cn ~]# ss -ntl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 128 :::22 :::*
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]# docker container ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]# docker container run -d -p 6000:5000 --restart=always --name myRegistry01 -v /yinzhengjie/data/docker/auth/:/auth -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" registry
b06b6468313a577d5b33f92e70f7e5843b0a5cdd1d0793eaa5bf96be9ffdf14d
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]# ss -ntl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 20480 :::6000 :::*
LISTEN 0 128 :::22 :::*
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]# docker container ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b06b6468313a registry "/entrypoint.sh /etc…" 8 seconds ago Up 7 seconds 0.0.0.0:6000->5000/tcp myRegistry01
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]# docker container exec -it myRegistry01 sh
/ #
/ # netstat -untalp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 :::5000 :::* LISTEN 1/registry
/ #
/ # exit
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]#
5>.验证端口和容器
6>.测试登录仓库
[root@docker101.yinzhengjie.org.cn ~]# vim /etc/docker/daemon.json
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://tuv7rqqq.mirror.aliyuncs.com"],
"insecure-registries":["docker101.yinzhengjie.org.cn:6000"]
}
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]# systemctl restart docker
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]# docker login docker101.yinzhengjie.org.cn:6000
Username: jason
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]# docker info
Client:
Debug Mode: false
Server:
Containers: 1
Running: 1
Paused: 0
Stopped: 0
Images: 27
Server Version: 19.03.5
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: b34a5c8af56e510852c35414db4c1f4fa6172339
runc version: 3e425f80a8c931f88e6d94a8c831b9d5aa481657
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-957.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 3.84GiB
Name: docker101.yinzhengjie.org.cn
ID: ZPMZ:2YLN:PQIW:2CN4:GYX6:LAV5:4WMX:U2PH:GIDV:R363:TQI3:QP2O
Docker Root Dir: /var/lib/docker
Debug Mode: false
Username: yinzhengjie2019
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
docker101.yinzhengjie.org.cn:6000
127.0.0.0/8
Registry Mirrors:
https://tuv7rqqq.mirror.aliyuncs.com/
Live Restore Enabled: false
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]# docker info
7>.使用yum方式安装Docker Registry服务
博主推荐阅读:
https://www.cnblogs.com/yinzhengjie/p/11706627.html
三.验证Docker Registry
1>.在"docker101.yinzhengjie.org.cn"登陆后上传镜像
[root@docker101.yinzhengjie.org.cn ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-haproxy v1.8.20 1858fe05d96f 3 days ago 606MB
registry latest 708bc6af7e5e 3 days ago 25.8MB
tomcat-app01 v0.1 bf45c22f2d5b 4 days ago 983MB
tomcat-base 8.5.50 9ff79f369094 5 days ago 968MB
jdk-base 1.8.0_231 0f63a97ddc85 5 days ago 953MB
centos-base 7.6.1810 b4931fd9ace2 5 days ago 551MB
centos centos7.6.1810 f1cb7c7d58b7 10 months ago 202MB
yinzhengjie2019/centos v0.1_centos7.6.1810 f1cb7c7d58b7 10 months ago 202MB
registry.cn-beijing.aliyuncs.com/yinzhengjie2020/centos v0.1_centos7.6.1810 f1cb7c7d58b7 10 months ago 202MB
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]# docker image tag centos-base:7.6.1810 docker101.yinzhengjie.org.cn:6000/jason/centos-base:v7.6.1810
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-haproxy v1.8.20 1858fe05d96f 3 days ago 606MB
registry latest 708bc6af7e5e 3 days ago 25.8MB
tomcat-app01 v0.1 bf45c22f2d5b 4 days ago 983MB
tomcat-base 8.5.50 9ff79f369094 5 days ago 968MB
jdk-base 1.8.0_231 0f63a97ddc85 5 days ago 953MB
centos-base 7.6.1810 b4931fd9ace2 5 days ago 551MB
docker101.yinzhengjie.org.cn:6000/jason/centos-base v7.6.1810 b4931fd9ace2 5 days ago 551MB
centos centos7.6.1810 f1cb7c7d58b7 10 months ago 202MB
yinzhengjie2019/centos v0.1_centos7.6.1810 f1cb7c7d58b7 10 months ago 202MB
registry.cn-beijing.aliyuncs.com/yinzhengjie2020/centos v0.1_centos7.6.1810 f1cb7c7d58b7 10 months ago 202MB
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]#
[root@docker101.yinzhengjie.org.cn ~]# docker image push docker101.yinzhengjie.org.cn:6000/jason/centos-base:v7.6.1810
The push refers to repository [docker101.yinzhengjie.org.cn:6000/jason/centos-base]
0f448859d86e: Pushed
89169d87dbe2: Pushed
v7.6.1810: digest: sha256:62c5a70f2846bd7f8ecd65785e379d0e00acf33ae899f0ec96754a3731b2d425 size: 742
[root@docker101.yinzhengjie.org.cn ~]#
2>.在"docker102.yinzhengjie.org.cn"登陆后下载镜像
![FastGPT一站式解决方案[1-部署篇]:轻松实现RAG-智能问答系统(含sealos云端部署、docker部署、OneAPI&Xinference模型接入)](https://ucc.alicdn.com/fnj5anauszhew/developer-article1607744/20240913/b1671ce8da3a4123866a6328d7affdfd.png?x-oss-process=image/resize,h_160,m_lfit)
