Docker仓库之单机Docker Registry

admin 2023年10月17日 docker 0

Docker仓库之单机Docker Registry:

Docker Registry作为Docker的核心组件之一负责镜像内容的存储与分发,客户端的docker pull以及push命令都将直接与registry进行交互,最初版本的registry由Python实现,由于设计初期在安全性,性能以及API的设计上有着诸多的缺陷,该版本在0.9之后停止了开发,由新的项目distribution(新的docker register被称为Distribution)来重新设计并开发下一代registry,新的项目由go语言开发,所有的API,底层存储方式,系统架构都进行了全面的重新设计已解决上一代registry中存在的问题,2016年4月份rgistry 2.0正式发布,docker 1.6版本开始支持registry 2.0,而八月份随着docker 1.8发布,docker hub正式启用2.1版本registry全面替代之前版本registry,新版registry对镜像存储格式进行了重新设计并和旧版不兼容,docker 1.5和之前的版本无法读取2.0的镜像,另外,Registry
2.4版本之后支持了回收站机制,也就是可以删除镜像了,在2.4版本之前是无法支持删除镜像的,所以如果你要使用最好是大于Registry 2.4版本的,目前最新版本为2.7.x官方文档地址:https://docs.docker.com/registry/
官方github地址:https://github.com/docker/distribution本部分将介绍通过官方提供的docker registry镜像来简单搭建一套本地私有仓库环境。

下载docker registry镜像

root@docker-server1 ~]#docker pull registry

搭建单机仓库:

创建授权使用目录:

[root@docker-server1 ~# mkdir/docker/auth #创建一个授权使用目录

创建用户:

[root@docker-server1 ~]#cd /docker
[root@docker-server1 docker]# docker run --entrypoint htpasswd registry -Bbn jack 123456 > auth/htpasswd#创建一个用户并生成密码
报错:345: starting container process caused "exec: \"htpasswd\": executable file not found in $PATH": unknown.
https://stackoverflow.com/questions/62531462/docker-local-registry-exec-htpasswd-executable-file-not-found-in-path

验证用户名密码:

[root@docker-server1 docker]#cat auth/htpasswd
jack:$2ys05$8W2a0/2RXMrMzw/0M5pig..QXxwUh/m/XPoW5H/XxloLLRDTepVGP6

启动docker registry:

[root@docker-server1 dockerl# docker run -d -p 5000:5000 --restart=always --name registry1 -v /docker/auth:/auth -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd registry

ce659e85018bea3342045f839c43b66de1237ce5413c0b6b72c0887bece5325a

验证

在另一台登录

解决:

#  vim /lib/systemd/system/docker.service 
......
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --insecure-registry 10.0.0.181:5000
# 早期不是这样,见杰哥文档
......
root@ubuntu:/opt/dockerfile/web/nginx/alpine# systemctl daemon-reload 
root@ubuntu:/opt/dockerfile/web/nginx/alpine# systemctl restart docker

重新登录,tag,push

docker login 10.0.0.181:5000
root@ubuntu:~# docker tag centos-haproxy:2.0.17 10.0.0.181:5000/project1/haproxy:2.0.17-centos
root@ubuntu:~# docker push 10.0.0.181:5000/project1/haproxy:2.0.17-centos

换一台机器pull

root@ubuntu:~# docker pull 10.0.0.181:5000/project1/haproxy:2.0.17-centos
Error response from daemon: Get https://10.0.0.181:5000/v2/: http: server gave HTTP response to HTTPS client

(解决方式如上)

登录,重新pull

root@ubuntu:~# docker login 10.0.0.181:5000
Username: jack
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
root@ubuntu:~# cat /root/.docker/config.json 
{
    "auths": {
        "10.0.0.181:5000": {
            "auth": "amFjazoxMjM0NTY="
        }
    },
    "HttpHeaders": {
        "User-Agent": "Docker-Client/19.03.12 (linux)"
    }

root@ubuntu:~#docker pull 10.0.0.181:5000/project1/haproxy:2.0.17-centos

新机器把service文件拷过去

root@ubuntu:~# scp  /lib/systemd/system/docker.service root@10.0.0.183:/lib/systemd/system/
root@ubuntu:~# systemctl daemon-reload 
root@ubuntu:~# systemctl restart docker
root@ubuntu:~# docker pull 10.0.0.181:5000/project1/haproxy:2.0.17-centos
Error response from daemon: Get http://10.0.0.181:5000/v2/project1/haproxy/manifests/2.0.17-centos: no basic auth credentials
root@ubuntu:~# docker pull 10.0.0.181:5000/project1/haproxy:2.0.17-centos
2.0.17-centos: Pulling from project1/haproxy
f34b00c7da20: Downloading [================================================>  ]  73.51MB/75.79MB
bf6d726f2294: Downloading [===============================>                   ]  72.39MB/113.7MB
0eebd9d2b676: Download complete 
96b451a6ffd3: Download complete

拷贝config.json

oot@ubuntu:~# scp -r /root/.docker 10.0.0.183:/root
root@10.0.0.183's password: 
config.json   
2.0.17-centos: Pulling from project1/haproxy
f34b00c7da20: Downloading [================================================>  ]  73.51MB/75.79MB
bf6d726f2294: Downloading [===============================>                   ]  72.39MB/113.7MB
0eebd9d2b676: Download complete 
96b451a6ffd3: Download complete
服务器技术交流群请加微信 YJZyjz