Centos7搭建Docker私有仓库

一、准备

1、激活网卡

# vim /etc/sysconfig/network-scripts/ifcfg-ens160

修改此行
ONBOOT= yes
# /etc/init.d/network restart

2、关闭本地防火墙并设置开机不自启动

   # systemctl stop firewalld.service

# systemctl disable firewalld.service

3、关闭本地selinux防火墙

# vi /etc/sysconfig/selinux 

SELINUX=disabled
# setenforce 0

4、安装ifconfig工具

# yum install net-tools

二、安装

1、安装docker

# yum install docker

# yum upgrade device-mapper-libs
# service docker start
# chkconfig docker on

2、本地私有仓库registry

[root@localhost ~]# docker pull registryTrying to pull repository docker.io/registry ...
24dd746e9b9f: Download complete 
706766fe1019: Download complete 
a62a42e77c9c: Download complete 
2c014f14d3d9: Download complete 
b7cf8f0d9e82: Download complete 
d0b170ebeeab: Download complete 
171efc310edf: Download complete 
522ed614b07a: Download complete 
605ed9113b86: Download complete 
22b93b23ebb9: Download complete 
2ac557a88fda: Download complete 
1f3b4c532640: Download complete 
27ebaac643a7: Download complete 
ce630195cb45: Download complete 
Status: Downloaded newer p_w_picpath for docker.io/registry:latest
[root@localhost ~]# docker p_w_picpaths
REPOSITORY           TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
docker.io/registry   latest              24dd746e9b9f        3 days ago          413.8 MB

3、基于私有仓库镜像运行容器

[root@CentOS7]# docker run -d -p 5000:5000 -v /data/registry:/tmp/registry docker.io/registry  
511e67e1fa11d879f8c1f83a33fe94efc465598eec8f5e3a07cdc729b2e1d454
Usage of loopback devices is strongly discouraged for production use. Either use `--storage-opt dm.thinpooldev` or use `--storage-opt dm.no_warn_on_loop_devices=true` to suppress this warning.
[root@CentOS7]# docker ps -a
CONTAINER ID        IMAGE                       COMMAND                CREATED             STATUS                    PORTS                    NAMES
cc4de7360d64        docker.io/registry:latest   "docker-registry"      7 seconds ago       Up 6 seconds              0.0.0.0:5000->5000/tcp   sad_albattani

4、访问私有仓库

[root@localhost ~]# curl 127.0.0.1:5000/v1/search

{"num_results": 0, "query": "", "results": []} //私有仓库为空，没有提交新镜像到仓库中

5、从Docker Hub上下载一个ssh镜像

[root@localhost ~]# docker search -s 10 ssh
NAME                              DESCRIPTION   STARS     OFFICIAL   AUTOMATED
docker.io: docker.io/fedora/ssh                 18                   [OK]
[root@localhost ~]# docker pull fedora/ssh
Trying to pull repository docker.io/fedora/ssh ...
2aeb2b6d9705: Download complete 
511136ea3c5a: Download complete 
00a0c78eeb6d: Download complete 
834629358fe2: Download complete 
571e8a51403c: Download complete 
87d5d42e693c: Download complete 
92b5ef05fe68: Download complete 
92d3910dc33c: Download complete 
cf2e9fa11368: Download complete 
Status: Downloaded newer p_w_picpath for docker.io/fedora/ssh:latest
[root@localhost ~]# docker p_w_picpaths
REPOSITORY             TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
docker.io/registry     latest              24dd746e9b9f        3 days ago          413.8 MB
docker.io/fedora/ssh   latest              2aeb2b6d9705        9 days ago          254.4 MB

6、创建镜像链接或为基础镜像打个标签

[root@localhost ~]# docker tag docker.io/fedora/ssh 127.0.0.1:5000/ssh
[root@localhost ~]# docker p_w_picpaths
REPOSITORY             TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
docker.io/registry     latest              24dd746e9b9f        3 days ago          413.8 MB
docker.io/fedora/ssh   latest              2aeb2b6d9705        9 days ago          254.4 MB
127.0.0.1:5000/ssh     latest              2aeb2b6d9705        9 days ago          254.4 MB

###############################################

docker commit <容器ID> name

docker tag <镜像ID> 172.20.135.90:5000/royal

docker push 172.20.135.90:5000/royal

###############################################

7、修改Docker配置文件制定私有仓库url

[root@localhost ~]# vim /etc/sysconfig/docker修改此行
OPTIONS='--selinux-enabled --insecure-registry 172.20.135.90:5000'
[root@localhost ~]# service docker restart
Redirecting to /bin/systemctl restart  docker.service

8、提交镜像到本地私有仓库中

[root@localhost ~]# docker push 127.0.0.1:5000/ssh
The push refers to a repository [127.0.0.1:5000/ssh] (len: 1)
Sending p_w_picpath list
Pushing repository 127.0.0.1:5000/ssh (1 tags)
511136ea3c5a: Image successfully pushed 
00a0c78eeb6d: Image successfully pushed 
834629358fe2: Image successfully pushed 
571e8a51403c: Image successfully pushed 
87d5d42e693c: Image successfully pushed 
92b5ef05fe68: Image successfully pushed 
92d3910dc33c: Image successfully pushed 
cf2e9fa11368: Image successfully pushed 
2aeb2b6d9705: Image successfully pushed 
Pushing tag for rev [2aeb2b6d9705] on {http://127.0.0.1:5000/v1/repositories/ssh/tags/latest}

9、查看私有仓库是否存在对应的镜像

[root@localhost ~]# curl 127.0.0.1:5000/v1/search{"num_results": 1, "query": "", "results": [{"description": "", "name": "library/ssh"}]}

10、查看镜像的存储目录和文件

[root@localhost ~]# tree /data/registry/repositories/
└── library
    └── ssh
        ├── _index_p_w_picpaths
        ├── json
        ├── tag_latest
        └── taglatest_json
								 
2 directories, 4 files

三、从私有仓库中下载已有的镜像

1、登陆另外一台Docker客户端

2、修改Docker配置文件

[root@localhost ~]# vim /etc/sysconfig/docker

修改此行
OPTIONS= '--selinux-enabled --insecure-registry 172.20.135.90:5000'         // 添加私有仓库地址
[root@localhost ~] # service docker restart
Redirecting to  /bin/systemctl  restart  docker.service

3、从私有仓库中下载已有的镜像

docker pull 172.20.135.90:5000/tom

四、浏览器访问仓库

浏览器输入：http://172.20.135.90:5000/

----运行容器遇到问题的解决办法

[2015-08-27 01:42:26 +0000] [12] [ERROR] Exception in worker process:
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/gunicorn/arbiter.py", line 507, in spawn_worker
    worker.init_process()
  File "/usr/local/lib/python2.7/dist-packages/gunicorn/workers/ggevent.py", line 193, in init_process
    super(GeventWorker, self).init_process()
  File "/usr/local/lib/python2.7/dist-packages/gunicorn/workers/base.py", line 114, in init_process
    self.wsgi = self.app.wsgi()
  File "/usr/local/lib/python2.7/dist-packages/gunicorn/app/base.py", line 66, in wsgi
    self.callable = self.load()
  File "/usr/local/lib/python2.7/dist-packages/gunicorn/app/wsgiapp.py", line 65, in load
    return self.load_wsgiapp()
  File "/usr/local/lib/python2.7/dist-packages/gunicorn/app/wsgiapp.py", line 52, in load_wsgiapp
    return util.import_app(self.app_uri)
  File "/usr/local/lib/python2.7/dist-packages/gunicorn/util.py", line 356, in import_app
    __import__(module)
  File "/usr/local/lib/python2.7/dist-packages/docker_registry/wsgi.py", line 27, in 
    from .search import *  # noqa
  File "/usr/local/lib/python2.7/dist-packages/docker_registry/search.py", line 14, in 
    INDEX = index.load(cfg.search_backend.lower())
  File "/usr/local/lib/python2.7/dist-packages/docker_registry/lib/index/__init__.py", line 82, in load
    return db.SQLAlchemyIndex()
  File "/usr/local/lib/python2.7/dist-packages/docker_registry/lib/index/db.py", line 86, in __init__
    self._setup_database()
  File "/usr/local/lib/python2.7/dist-packages/docker_registry/toolkit.py", line 330, in wrapper
    os.remove(lock_path)
OSError: [Errno 2] No such file or directory: './registry._setup_database.lock'

添加参数  -e GUNICORN_OPTS=["--preload"]

docker run -d -p 5000:5000 -v /data/registry:/tmp/registry -e GUNICORN_OPTS=["--preload"] docker.io/registry