centos下搭建docker私有仓库

Posted 2020-06-13

      目前Docker Registry已经升级到了v2，最新版的Docker已不再支持v1。Registry v2使用Go语言编写，在性能和安全性上做了很多优化，重新设计了镜像的存储格式。此文档是在v1的基础上写的，如果需要安装registry v2，只需下载registry:2.2即可，或者可以下载后面的安装脚本运行安装。

一、下载registry镜像

docker pull registry

二、启动私有仓库容器，默认情况下，会将仓库存放于容器内的/tmp/registry目录下，这样如果容器被删除，则存放于容器中的镜像也会丢失，所以我们一般情况下会指定本地一个目录挂载到容器内的/tmp/registry下

docker run -d -p 5000:5000 -v /data/docker/registry:/tmp/registry registry

三、查看启动进程

docker ps -a

CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS                    NAMES

9dc25301d44f        registry            "docker-registry"   20 seconds ago      Up 18 seconds       0.0.0.0:5000->5000/tcp   reverent_ptolemy

四、创建镜像链接或为基础镜像打个标签

docker tag docker.io/centos6.7-base 10.44.86.222:5000/centos6.7-base

五、提交镜像到本地私有仓库中

docker push 10.44.86.222:5000/centos6.7-base

六、如果报以下错误，需要修改/etc/sysconfig/docker文件

Error response from daemon: invalid registry endpoint https://10.44.86.222:5000/v0/: unable to ping registry endpoint https://10.44.86.222:5000/v0/

v2 ping attempt failed with error: Get https://10.44.86.222:5000/v2/: EOF

 v1 ping attempt failed with error: Get https://10.44.86.222:5000/v1/_ping: EOF. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `--insecure-registry 10.44.86.222:5000` to the daemon‘s arguments. In the case of HTTPS, if you have access to the registry‘s CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/10.44.86.222:5000/ca.crt

在/etc/sysconfig/docker文件添加以下选项：

other_args=‘--insecure-registry 10.44.86.222:5000‘

OPTIONS=‘--selinux-enabled --insecure-registry 10.44.86.222:5000‘

因为从docker1.3.2版本开始默认docker registry使用的是https

七、查看私有仓库是否存在对应的镜像

curl 10.44.86.222:5000/v1/search

{"num_results": 1, "query": "", "results": [{"description": "", "name": "library/centos6.7-base"}]}

本文出自 “我的运维时光” 博客，请务必保留此出处http://aaronsa.blog.51cto.com/5157083/1740747