docker 推送到本地倉庫_Docker (四) 之倉庫
技術標籤:docker 推送到本地倉庫
Docker (四) 之倉庫
公有倉庫Docker Hub
簡介
倉庫是集中存放映象的地方。容易混淆的是註冊伺服器,它是管理倉庫的伺服器,每個伺服器上可以有多個倉庫,每個倉庫下可以有多個映象。因此倉庫可以被認為是一個具體的目錄。例如http://dl.dockerpool.com/centos來說,http://dl.dockerpool.com是註冊伺服器地址,centos是倉庫名字。
Docker Hub
Docker官方目前維護著一個公共倉庫,我們要是用這個倉庫,需要登入https://hub.docker.com網址。註冊一個賬號。
![image-20200219154643714](/Users/doublez/Library/Application Support/typora-user-images/image-20200219154643714.png)
命令操作
登入Login
[[email protected] ~]# docker login
Username: zz203203zhang
Password: *************
Login Succeeded
[[email protected] ~]#
成功後,本地使用者目錄的.docker目錄中將保留使用者的認證資訊。
[[email protected] ~]# pwd
/root
[[email protected] ~]# ls
centos.tar
[[email protected] ~]# cd .docker/
[[email protected] .docker]# ls
config.json
[[email protected] .docker]# cat config.json
{
"auths": {
"https://index.docker.io/v1/": {
"auth": "enoyMDMyMDN6aGFuZzp6jkswMzIwMzIwMDg="
}
},
"HttpHeaders": {
"User-Agent": "Docker-Client/19.03.5 (linux)"
}
}
[ [email protected] .docker]#
映象操作
在命令列我們可以通過docker search來查詢官方倉庫中的映象,並可以使用docker pull命令將其下載到本地。
[[email protected] .docker]# docker search redhat
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
hjd48/redhat redhat6.3x86-64 images 15
fbascheper/redhat-jboss-eap Extensible RedHat JBoss EAP 13
yjjy0921/redhat7.2 A clean redhat 7.2 image from official redha… 6
crorvick/redhat RedHat Linux 5
redhatopenjdk/redhat-openjdk18-openshift 4
redhatiot/kapua-sql 2
qiankunli/redhat-base a very clean redhat v6.4 x86_64 and can be u… 2
redhatiot/kapua-broker 1
redhatiot/kapua-api 1
redhatinsights/insights-frontend Front end application for Red Hat Insights 1
redhatiot/kapua-console 1
wjp719/redhat6.5 enable sshd and root passwd is redhat, you c… 1
redhatraptor/gocheck-sitemap Performs health check of the sitemap urls 1 [OK]
redhatiot/kapua-console-jetty 0
redhatmsa/hola 0
redhatiot/kapua-api-jetty 0
redhatqecinch/jenkins_slave 0
redhatcat/gold-carp Testing image aimed at a specific rails appl… 0
redhatworkshops/welcome-php 0
boonjit2/redhat6.6 Linux Redhat 6.6 , gcc 4.9.2 , jdk8 0
redhatinsights/fakamai-assets-base 0
redhatcop/jenkins-slave-ruby A Jenkins Slave image with a ruby runtime 0
redhatiot/kura-simulator 0
redhatinsights/insights-proxy Proxy for redhatinsights/insights-frontend 0
redhatcat/postgres-10-postgis 0
可以通過-s N指定檢視多少星級以上的映象,星級代表了該映象的受歡迎程度
[[email protected] .docker]# docker search -s 10 redhat
Flag --stars has been deprecated, use --filter=stars=3 instead
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
hjd48/redhat redhat6.3x86-64 images 15
fbascheper/redhat-jboss-eap Extensible RedHat JBoss EAP 13
下載映象及tag
[[email protected] .docker]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
bc51dd8edc1b: Pull complete
66ba67045f57: Pull complete
bf317aa10aa5: Pull complete
Digest: sha256:ad5552c786f128e389a0263104ae39f3d3c7895579d45ae716f528185b36bc6f
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
[[email protected] ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
import/centos v.2.0.1 3ebf5bc49a71 3 days ago 237MB
nginx latest 2073e0bcb60e 2 weeks ago 127MB
centos latest 470671670cac 4 weeks ago 237MB
training/sinatra latest 49d952a36c58 5 years ago 447MB
[[email protected] .docker]# docker tag 2073e0bcb60e zz203203zhang/nginx
[[email protected] .docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
import/centos v.2.0.1 3ebf5bc49a71 3 days ago 237MB
zz203203zhang/nginx latest 2073e0bcb60e 2 weeks ago 127MB
nginx latest 2073e0bcb60e 2 weeks ago 127MB
centos latest 470671670cac 4 weeks ago 237MB
training/sinatra latest 49d952a36c58 5 years ago 447MB
要推送映象到Docker Hub,需要先登入賬號,然後使用docker push xxx來推送
[[email protected] .docker]# docker push 2073e0bcb6
The push refers to repository [docker.io/library/2073e0bcb6]
An image does not exist locally with the tag: 2073e0bcb6
[[email protected] .docker]# docker push zz203203zhang/nginx
The push refers to repository [docker.io/zz203203zhang/nginx]
22439467ad99: Pushed
b4a29beac87c: Pushed
488dfecc21b1: Pushed
latest: digest: sha256:62f787b94e5faddb79f96c84ac0877aaf28fb325bfc3601b9c0934d4c107ba94 size: 948
[[email protected] .docker]#
這個地方需要注意,映象的名稱必須要以自己Docker Hub上註冊的使用者名稱。
要使用docker tag image_id new_tagname。
我這個地方就是:docker tag 2073e0bcb60e zz203203zhang/nginx修改好了之後就可以使用docke push zz203203zhang/nginx將映象推送到Docker Hub上面去了。
推送成功後,可以登入到自己的Docker Hub上面檢視,如下:
![image-20200219162604524](/Users/doublez/Library/Application Support/typora-user-images/image-20200219162604524.png)
Docker私有倉庫
簡介
在國內,介於網路的原因,很多時候我們無法訪問Docker Hub,那麼需要我們自己管理一個倉庫,這個倉庫可以幫助我們快速的儲存我們的docker images,走內網很快,也可以方便我們同事之間更快的共享映象,免去了無法訪問Docker Hub或者訪問過慢的問題。
建立私有倉庫
Pull倉庫
docker官方提供了一個工具docker-registry,我們可以藉助這個工具構建私有映象倉庫
[[email protected] ~]# docker search registry
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
registry The Docker Registry 2.0 implementation for s… 2848 [OK]
distribution/registry WARNING: NOT the registry official image!!! … 57 [OK]
stefanscherer/registry-windows Containerized docker registry for Windows Se… 30
budry/registry-arm Docker registry build for Raspberry PI 2 and… 18
deis/registry Docker image registry for the Deis open sour… 12
sixeyed/registry Docker Registry 2.6.0 running on Windows - N… 9
anoxis/registry-cli You can list and delete tags from your priva… 8 [OK]
[[email protected] ~]# docker pull registry
Using default tag: latest
latest: Pulling from library/registry
486039affc0a: Pull complete
ba51a3b098e6: Pull complete
8bb4c43d6c8e: Pull complete
6f5f453e5f2d: Pull complete
42bc10b72f42: Pull complete
Digest: sha256:7d081088e4bfd632a88e3f3bcd9e007ef44a796fddfe3261407a3f9f04abe1e7
Status: Downloaded newer image for registry:latest
docker.io/library/registry:latest
啟動私有倉庫
確定網路端口占用情況
這裡由於我們需要我們的伺服器與執行的docker registry私有倉庫映象進行網路連線,故我們需要使用docker-proxy技術建立一個外部伺服器埠連線docker registry的5000埠,我們使用伺服器內部的5000埠對映到docker registry的5000埠,需要檢查5000埠是否被佔用。如果未被佔用,即可使用docker run命令啟動docker registry。
預設情況下,倉庫會建立在容器中的/tmp/registry目錄下,通過-v 指定將映象檔案存放在本地的目錄中。
[[email protected] ~]# netstat -ntlp | grep 5000 ###這裡執行命令後,無顯示結果證明5000埠未被佔用
[[email protected] ~]# docker run -d -p 5000:5000 -v /root/docker/registry:/tmp/registry registry
2996f3fdd9c0a0813abcbbda7ddd3fb6580d4746f4807ce037ec4440172c359b
[[email protected] ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2996f3fdd9c0 registry "/entrypoint.sh /etc…" 7 seconds ago Up 6 seconds 0.0.0.0:5000->5000/tcp stupefied_liskov
執行私有倉庫tag
如果我們想將本機的映象push到我們的私有倉庫,我們需要知道私有倉庫的IP地址和服務的埠(這裡就是上一步我們指定的5000埠,按照你自己的實際情況進行tag修改)。然後按照IP:Port/xxx的形式進行打tag,例如:
[[email protected] ~]# docker tag 2073e0bcb60e 172.16.0.99:5000/nginx
下面是我獲取本機地址及打tag的詳細步驟:
使用這個命令獲取本機IP
ip addr | grep 'state UP' -A2 | grep inet | egrep -v '(127.0.0.1|inet6|docker)' | awk '{print $2}' | tr -d "addr:" | head -n 1 | cut -d / -f1
[[email protected] ~]# ip addr | grep 'state UP' -A2 | grep inet | egrep -v '(127.0.0.1|inet6|docker)' | awk '{print $2}' | tr -d "addr:" | head -n 1 | cut -d / -f1
172.16.0.99
[[email protected] ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 2073e0bcb60e 2 weeks ago 127MB
zz203203zhang/nginx latest 2073e0bcb60e 2 weeks ago 127MB
registry latest 708bc6af7e5e 3 weeks ago 25.8MB
[[email protected] ~]# docker tag 2073e0bcb60e 172.16.0.99:5000/nginx
[[email protected] ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 2073e0bcb60e 2 weeks ago 127MB
zz203203zhang/nginx latest 2073e0bcb60e 2 weeks ago 127MB
172.16.0.99:5000/nginx latest 2073e0bcb60e 2 weeks ago 127MB
registry latest 708bc6af7e5e 3 weeks ago 25.8MB
Push Images
打完對應的tag後,就可以使用docker push命令進行上傳啦
[[email protected] ~]# docker push 172.16.0.99:5000/nginx
The push refers to repository [172.16.0.99:5000/nginx]
Get https://172.16.0.99:5000/v2/: http: server gave HTTP response to HTTPS client
哎呀,報錯了,根據報錯的提示,我們可以看出,我們的client使用的https的方式去訪問docker私有倉庫,但是我們的docker私有倉庫使用的是http,所以我們得修改我們客戶端訪問我們私有倉庫的方式為http,那麼為啥我們Push到Docker Hub的時候沒事呢?因為Docker Hub使用的就是https的方式,這樣更為安全可靠。那麼我們使用下面的方式進行訪問方式的修改,並重新啟動docker服務,這裡的http://xxx.xxx.xxx.xxx需要修改為我們docker私有倉庫的地址,如果埠也有不同,那麼5000埠也需要修改為我們對應的埠:
[[email protected] ~]# echo '{ "insecure-registries":["xxx.xxx.xxx.xxx:5000"] }' > /etc/docker/daemon.json
[[email protected] ~]# cat /etc/docker/daemon.json
{ "insecure-registries":["192.168.0.5:5000"] }
[[email protected] ~]# systemctl restart docker
重新啟動docker registry映象
[[email protected] ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[[email protected] ~]# docker run -d -p 5000:5000 -v /root/docker/registry:/tmp/registry registry
a6c4b25dd702243bc01a655a486d2964b5cfc01f9562ef590855e2bcf3cf367e
[[email protected] ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4ad580d86562 registry "/entrypoint.sh /etc…" 34 minutes ago Up 34 minutes 0.0.0.0:5000->5000/tcp eager_banzai
Push映象
[[email protected] ~]# docker push 172.16.0.99:5000/nginx
The push refers to repository [172.16.0.99:5000/nginx]
22439467ad99: Pushed
b4a29beac87c: Pushed
488dfecc21b1: Pushed
latest: digest: sha256:62f787b94e5faddb79f96c84ac0877aaf28fb325bfc3601b9c0934d4c107ba94 size: 948
[[email protected] ~]#
私有倉庫查詢
那麼如果我們知道公司的私有倉庫地址,那麼我們怎麼search我們的images呢?下面我們簡單介紹幾種方法:
獲取倉庫類的映象
[[email protected] ~]# curl -XGET http://172.16.0.99:5000/v2/_catalog
{"repositories":["nginx"]}
獲取某個映象的標籤列表
[[email protected] ~]# curl -XGET http://172.16.0.99:5000/v2/image_name/tags/list
{"errors":[{"code":"NAME_UNKNOWN","message":"repository name not known to registry","detail":{"name":"image_name"}}]}
[[email protected] ~]# curl -XGET http://172.16.0.99:5000/v2/nginx/tags/list
{"name":"nginx","tags":["latest"]}
參考:
https://stackoverflow.com/questions/23733678/how-to-search-images-from-private-1-0-registry-in-docker