解决http协议的问题:
安装Nginx,配置HTTPS协议
vim /etc/default/docker增加
OPTIONS="--insecure-registry192.168.10.249:5000"
准备配置环境:
主机名 | 主机IP | 服务 |
docker-images | 10.0.0.5 | docker 私有库库配置 |
|
10.0.0.6 | docker 客户端 |
[root@docker-images~]#cat/etc/redhat-release CentOSLinuxrelease7.2.1511(Core) [root@docker-images~]#uname-r 3.10.0-327.el7.x86_64 [root@docker-images~]#uname-m x86_64 [root@docker-images~]#uname-a Linuxdocker-images3.10.0-327.el7.x86_64#1SMPThuNov1922:10:57UTC2015x86_64x86_64x86_64GNU/Linux [root@docker-images~]#
开始配置(镜像库)
1、关闭防火墙和selinux
[root@docker-images~]#systemctlstopfirewalld [root@docker-images~]#systemctldisablefirewalld#永久 [root@docker-images~]#setenforce0 [root@docker-images~]#getenforce Permissive [root@docker-images~]#
2、安装docker
yuminstalldocker [root@docker-images~]#systemctlenabledocker#加入开机自启动 [root@docker-images~]#systemctlstartdocker#开启服务
3、下载本地私有库registry
[root@docker-images~]#dockerpullregistry#默认下载最新版 [root@docker-images~]#dockerimages#查看下载的镜像 REPOSITORYTAGIMAGEIDCREATEDSIZE docker.io/registrylatest047218491f8c10daysago33.17MB [root@docker-images~]#
4、基于私有仓库镜像运行容器
[root@docker-images~]#dockerrun-d-p5000:5000-v/opt/data/registry:/tmp/registrydocker.io/registry #默认仓库创建在/tmp/registry,用-v参数指定仓库存放位置 1e8b1a03013ee66034b40aee1820000a2ccf026a3b1e43606f3e4007b2a9d455 [root@docker-images~]# [root@docker-images~]#dockerps#查看运行容器 CONTAINERIDIMAGECOMMANDCREATEDSTATUSPORTSNAMES 1e8b1a03013edocker.io/registry"/entrypoint.sh/etc/"35secondsagoUp32seconds0.0.0.0:5000->5000/tcpgoofy_mcnulty [root@docker-images~]#
5、访问私有仓库
[root@docker-images~]#curl127.0.0.1:5000/v2 <ahref="/v2/">MovedPermanently</a>. [root@docker-images~]# #说明registry部署成功
6、为基础镜像打标签
[root@docker-images~]#dockersearchdocker.io/fedora/ssh|grepdocker.io/fedora/ssh docker.iodocker.io/fedora/ssh20[OK] [root@docker-images~]#dockerpulldocker.io/fedora/ssh#下载镜像 [root@docker-images~]#dockerimages REPOSITORYTAGIMAGEIDCREATEDSIZE docker.io/registrylatest047218491f8c10daysago33.17MB docker.io/fedora/sshlatestad6a3ff296264weeksago396.7MB [root@docker-images~]#dockertagdocker.io/fedora/ssh127.0.0.1:5000/ssh#打标签 [root@docker-images~]#dockerimages REPOSITORYTAGIMAGEIDCREATEDSIZE docker.io/registrylatest047218491f8c10daysago33.17MB 127.0.0.1:5000/sshlatestad6a3ff296264weeksago396.7MB docker.io/fedora/sshlatestad6a3ff296264weeksago396.7MB [root@docker-images~]# [root@docker-images~]#vim/etc/sysconfig/docker OPTIONS="--selinux-enabled--insecure-registry10.0.0.5:5000"#定制私有仓库URL [root@docker-images~]#systemctlrestartdocker
7、提交镜像到本地私有库
[root@docker-images~]#dockerstart1e8#开启本地库 1e8 [root@docker-images~]#dockerps CONTAINERIDIMAGECOMMANDCREATEDSTATUSPORTSNAMES 1e8b1a03013edocker.io/registry"/entrypoint.sh/etc/"4hoursagoUp3seconds0.0.0.0:5000->5000/tcpgoofy_mcnulty [root@docker-images~]# [root@docker-images~]#dockerpush127.0.0.1:5000/ssh#上传打好标签的库 Thepushreferstoarepository[127.0.0.1:5000/ssh] 482d621bda33:Pushed 510f15c27a8b:Pushed e4f86288aaf7:Pushed latest:digest:sha256:5ad5aec14bb7aa63fdcea1772db6ab5b5de99b0a023d234e61f5aa8c9435e8ffsize:948 [root@docker-images~]#
8、查看已经上传好的镜像
[root@docker-images~]#curl10.0.0.5:5000/v2/_catalog {"repositories":["ssh"]} [root@docker-images~]#
浏览器中查看已经上传的镜像
http://10.0.0.5:5000/v2/_catalog
9、测试库是否可用,在准备好环境的另一台测试机上面下载上传的镜像
[root@centos7~]#vim/etc/sysconfig/docker#加入私有仓库地址 OPTIONS="--selinux-enabled--insecure-registry10.0.0.5:5000" [root@centos7~]#systemctlrestartdocker [root@centos7~]#dockerpull10.0.0.5:5000/ssh
可以看到已经可以下载镜像,证明私有仓库创建成功
[root@centos7~]#dockerimages REPOSITORYTAGIMAGEIDCREATEDSIZE 10.0.0.5:5000/sshlatestad6a3ff296264weeksago396.7MB [root@centos7~]#
接下来通过自己的私有库运行一个centos7容器
1、从其他的数据库上save一个centos镜像推送到私有库服务器上
[root@docker-images~]#ls anaconda-ks.cfgcentos.tar [root@docker-images~]#dockerload<centos.tar#将镜像导入docker 34e7b85d83e4:Loadinglayer[==================================================>]199.9MB/199.9MB Loadedimage:docker.io/centos:latest]557.1kB/199.9MB [root@docker-images~]#dockerimages REPOSITORYTAGIMAGEIDCREATEDSIZE docker.io/registrylatest047218491f8c10daysago33.17MB 127.0.0.1:5000/sshlatestad6a3ff296264weeksago396.7MB docker.io/fedora/sshlatestad6a3ff296264weeksago396.7MB docker.io/centoslatest67591570dd2912weeksago191.8MB [root@docker-images~]#
2、再次打上自己的标签
[root@docker-images~]#dockertagdocker.io/centos:latest10.0.0.5:5000/lcentos #为了区别前面的,我将centos做了其他标记 [root@docker-images~]#dockerimages REPOSITORYTAGIMAGEIDCREATEDSIZE docker.io/registrylatest047218491f8c10daysago33.17MB 127.0.0.1:5000/sshlatestad6a3ff296264weeksago396.7MB docker.io/fedora/sshlatestad6a3ff296264weeksago396.7MB docker.io/centoslatest67591570dd2912weeksago191.8MB 10.0.0.5:5000/lcentoslatest67591570dd2912weeksago191.8MB [root@docker-images~]#
[root@docker-images~]#dockerpush10.0.0.5:5000/lcentos
4、查看上传好的镜像
[root@docker-images~]#curlhttp://10.0.0.5:5000/v2/_catalog {"repositories":["lcentos","ssh"]} [root@docker-images~]#
浏览器查看
5、再次到准备好环境的那台测试机上面pull
[root@centos7~]#dockerpull10.0.0.5:5000/lcentos [root@centos7~]#dockerimages REPOSITORYTAGIMAGEIDCREATEDSIZE 10.0.0.5:5000/sshlatestad6a3ff296264weeksago396.7MB 10.0.0.5:5000/lcentoslatest67591570dd2912weeksago191.8MB [root@centos7~]#
6、创建并运行一个容器
[root@centos7~]#dockerrun-d-it--privileged=false-p80:80--nameabccentos10.0.0.5:5000/lcentos/bin/bash 15b9f42b3d63846085664139bff0c041f614bc2b717787686d23785d98b37160 [root@centos7~]#dockerps-a CONTAINERIDIMAGECOMMANDCREATEDSTATUSPORTSNAMES 15b9f42b3d6310.0.0.5:5000/lcentos"/bin/bash"16secondsagoUp13seconds0.0.0.0:80->80/tcpabccentos [root@centos7~]#
7、进入容器查看,可以看到centos的版本等信息
[root@centos7~]#dockerattach15b9f42b3d63 [root@15b9f42b3d63/]#cat/etc/redhat-release CentOSLinuxrelease7.3.1611(Core) [root@15b9f42b3d63/]#uname-r 3.10.0-327.el7.x86_64 [root@15b9f42b3d63/]#uname-a Linux15b9f42b3d633.10.0-327.el7.x86_64#1SMPThuNov1922:10:57UTC2015x86_64x86_64x86_64GNU/Linux [root@15b9f42b3d63/]#
8、还可以在此操作系统中安装部署Nginx。
[root@15b9f42b3d63yum.repos.d]#yum-yinstallwget#安装wget,方便安装epel源 [root@15b9f42b3d63yum.repos.d]#mvCentOS-Base.repoCentOS-Base.repo.bak [root@15b9f42b3d63yum.repos.d]#wget-O/etc/yum.repos.d/CentOS-Base.repo [root@15b9f42b3d63yum.repos.d]#wget-O/etc/yum.repos.d/epel.repohttp://mirrors.aliyun.com/repo/epel-7.repo [root@15b9f42b3d63yum.repos.d]#yumcleanall [root@15b9f42b3d63yum.repos.d]#yummakecache [root@15b9f42b3d63yum.repos.d]#yum-yinstallNginx [root@15b9f42b3d63yum.repos.d]#rpm-qa|grepNginx Nginx-filesystem-1.10.2-1.el7.noarch Nginx-mod-http-xslt-filter-1.10.2-1.el7.x86_64 Nginx-mod-mail-1.10.2-1.el7.x86_64 Nginx-mod-stream-1.10.2-1.el7.x86_64 Nginx-mod-http-perl-1.10.2-1.el7.x86_64 Nginx-mod-http-geoip-1.10.2-1.el7.x86_64 Nginx-mod-http-image-filter-1.10.2-1.el7.x86_64 Nginx-1.10.2-1.el7.x86_64 Nginx-all-modules-1.10.2-1.el7.noarch [root@15b9f42b3d63yum.repos.d]#
9、查看服务
[root@15b9f42b3d63yum.repos.d]#Nginx#开启服务 [root@15b9f42b3d63yum.repos.d]#ps-ef|grepNginx root1431020:48?00:00:00Nginx:masterprocessNginx Nginx144143020:48?00:00:00Nginx:workerprocess Nginx145143020:48?00:00:00Nginx:workerprocess Nginx146143020:48?00:00:00Nginx:workerprocess Nginx147143020:48?00:00:00Nginx:workerprocess root1531020:49?00:00:00grep--color=autoNginx
10、查看端口
[root@15b9f42b3d63/]#netstat-lntup|grepNginx tcp000.0.0.0:800.0.0.0:*LISTEN20/Nginx:masterpr tcp600:::80:::*LISTEN20/Nginx:masterpr [root@15b9f42b3d63/]#
11、浏览器访问
以上就是整个创建私有镜像库的过程,欢迎一起交流学习。