4.docker学习笔记：创建自己的registry

4.docker学习笔记：创建自己的registry

---

一般情况下我们获取（pull）和推送（push）镜像都是在docker hub上进行的，非常的快捷方便。但是某些时候，因为外网不方便访问和速度的问题，我们更愿意在公司的内部搭建本地的registry。接下来就是告诉大家如何搭建内部docker registry。

整体的思路是参照docker的官方文档介绍的，官方文档的地址如下：
http://docs-stage.docker.com/registry/deploying/

---

搭建自己的registry

获取registry镜像

registry也是一个应用服务，用来管理我们的镜像，广义的讲docker hub就是一个需要注册和登录的公共registry。而且官方非常慷慨的开放了该镜像以及其源码。

可以通过docker search查看registry：

root@zhangchi-ThinkPad-T450s:~# docker search registry
NAME                                      DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
registry                                  Containerized docker registry                   1179      [OK]       
konradkleine/docker-registry-frontend     Browse and modify your Docker registry in ...   121                  [OK]
atcol/docker-registry-ui                  A web UI for easy private/local Docker Reg...   85                   [OK]
hyper/docker-registry-web                 Web UI, authentication service and event r...   55                   [OK]
distribution/registry                     WARNING: NOT the registry official image!!...   42                   [OK]
marvambass/nginx-registry-proxy           Docker Registry Reverse Proxy with Basic A...   31                   [OK]
h3nrik/registry-ldap-auth                 LDAP and Active Directory authentication p...   15                   [OK]
jhipster/jhipster-registry                JHipster Registry, based on Netflix Eureka...   9                    [OK]
pallet/registry-swift                     Add swift storage support to the official ...   4                    [OK]
allingeek/registry                        A specialization of registry:2 configured ...   4                    [OK]
devsli/cifs-registry                      Docker Registry on CIFS (Samba)                 1                    [OK]
bhuisgen/alpine-registry                  alpine-registry                                 1                    [OK]
metadata/registry                         Metadata Registry is a tool which helps yo...   1                    [OK]
silintl/registry-proxy                    A reverse proxy for the Docker Registry 2.0     1                    [OK]
centos/registry                           Docker registry v2 / AKA Distribution           0                    [OK]
kampka/registry                           A docker registry image based on kampka/ar...   0                    [OK]
terranodo/registry                        Harvard Hypermap Registry                       0                    [OK]
h0tbird/registry                          Containerized Docker registry service           0                    [OK]
openshift/simple-authenticated-registry   A simple authenticated Docker registry tha...   0                    [OK]
webhippie/registry                        Docker images for registry                      0                    [OK]
qnib/registry                             Alpine image of QNIBTerminal w/ docker-reg...   0                    [OK]
crowleyio/registry-grsec                  Containerized docker registry for grsecuri...   0                    [OK]
nouchka/registry                          Docker registry with auto-generation of ht...   0                    [OK]
katch/schema-registry                     Confluent IO Katch Schema Registry              0                    [OK]
davidcollom/docker-registry-frontend      Browse and modify your Docker registry in ...   0                    [OK]

标有OFFICIAL的就是我们的官方镜像。

可以通过docker run命令直接下载该镜像并且启动容器：

docker run -d -p 5000:5000 --restart=always --name registry registry:2

查看启动的容器：

root@zhangchi-ThinkPad-T450s:~# docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
6844fa4d808f        registry:2          "/entrypoint.sh /etc/"   23 hours ago        Up 3 minutes        0.0.0.0:5000->5000/tcp   registry

这个容器运行着我们的registry服务。下面可以通过在docker hub上下载需要的镜像，把该镜像push到搭建的registry服务。这样即使是在网络环境不好的情况或者不与外网通信的情况下也可以从搭建的registry上pull镜像。

1.从docker hub上拉取一个镜像：

（1）搜索一个httpd镜像：

root@zhangchi-ThinkPad-T450s:~# docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
6844fa4d808f        registry:2          "/entrypoint.sh /etc/"   23 hours ago        Up 3 minutes        0.0.0.0:5000->5000/tcp   registry

（2）拉取整个镜像：

root@zhangchi-ThinkPad-T450s:~# docker pull httpd
Using default tag: latest
latest: Pulling from library/httpd
386a066cd84a: Already exists 
a11d6b8e2fac: Pull complete 
c1fdc7beec37: Pull complete 
bd14a67deca2: Pull complete 
92b34ad02810: Pull complete 
Digest: sha256:5b4a3c85b4b874e84174ee7e78a59920818aa39903f6a28a47b9278f576b4a4d
Status: Downloaded newer image for httpd:latest

（3）在搭建的registry上注册该镜像：

root@zhangchi-ThinkPad-T450s:~# docker tag httpd localhost:5000/httpd

（4）将该镜像push到registry上：

root@zhangchi-ThinkPad-T450s:~# docker push localhost:5000/httpd
The push refers to a repository [localhost:5000/httpd]
b0eab5d635d7: Layer already exists 
c856fa0775de: Layer already exists 
2b9fc9190df9: Layer already exists 
6b50c55a105a: Layer already exists 
fe4c16cbf7a4: Layer already exists 
latest: digest: sha256:5b4a3c85b4b874e84174ee7e78a59920818aa39903f6a28a47b9278f576b4a4d size: 1366

（5）这样就可以指定在该registry上下载该镜像：

oot@zhangchi-ThinkPad-T450s:~# docker pull localhost:5000/httpd
Using default tag: latest
latest: Pulling from httpd
Digest: sha256:5b4a3c85b4b874e84174ee7e78a59920818aa39903f6a28a47b9278f576b4a4d
Status: Image is up to date for localhost:5000/httpd:latest

（6）查看pull的镜像是否存在于镜像列表中：

root@zhangchi-ThinkPad-T450s:~# docker images 
REPOSITORY                       TAG                 IMAGE ID            CREATED             SIZE
zhangchiwd371/centos_vsftpd      latest              8055ae6f1b21        8 days ago          228.3 MB
zhangchiwd371/centos_httpd       latest              52d55d6a2d92        8 days ago          247.9 MB
jenkins                          latest              7e7d1b9dc0c8        9 days ago          714.1 MB
httpd                            latest              50f10ef90911        9 days ago          193.3 MB
localhost:5000/httpd             latest              50f10ef90911        9 days ago          193.3 MB
zhangchiwd371/static_web         latest              46da60b77b45        10 days ago         228.3 MB
konstruktoid/ubuntu              latest              42ec6b22c6b8        11 days ago         82.78 MB
centos                           latest              0584b3d2cf6d        2 weeks ago         196.5 MB
registry                         2                   c9bd19d022f6        4 weeks ago         33.3 MB
ubuntu                           latest              f753707788c5        5 weeks ago         127.2 MB
localhost:5000/ubuntu            latest              f753707788c5        5 weeks ago         127.2 MB
kalilinux/kali-linux-docker      latest              b0d9d7dfbd0a        10 weeks ago        1.021 GB
jlinoff/centos-6.5-x86_64-base   latest              3d6541b04d52        2 years ago         178.3 MB

---

小结

这里介绍了最简单的registry搭建方法，当然在此基础上我们还可以进一步完善，设置指定数据卷，以及CA认证等措施。希望大家可以搭建属于自己的registry。