【云原生之Docker实战】部署Docker Registry镜像仓库服务器
【云原生之Docker实战】部署Docker Registry镜像仓库服务器
- 一、Registry 私有镜像仓库介绍
-
- 1.Registry简介
- 2.Registry的作用
- 二、检查本地dokcer状态
- 三、Registry的工作流程图
- 四、修改daemon.json文件
-
- 1.重新配置daemon.json文件
- 2.重启docker服务
- 五、运行registry容器
-
- 1.搜索registry镜像版本
- 2.拉取registry镜像
- 3.创建挂载目录
- 4.运行容器
- 5.查看registry容器
- 六、测试registry地址
- 七、修改镜像仓库的权限
-
- 1.进入registry容器
- 2.修改config.yml
- 八、上传镜像到私有镜像仓库
-
- 1.给要上传镜像打上标签
- 2.查看本地镜像列表
- 3.修改docker启动参数
-
- ①修改docker启动参数
- ②重启docker服务
- 4.上传镜像到私有镜像仓库
- 5.查看镜像仓库上传的镜像
- 九、registry镜像仓库的管理
-
- 1.查看镜像的详细信息
- 2.删除镜像的元数据
- 3.彻底清空镜像
一、Registry 私有镜像仓库介绍
1.Registry简介
Docker Registry:官方docker镜像存储、管理和分发工具。
2.Registry的作用
1、避免下载镜像时所带来的网络延时。
2、方便镜像版本的更新与维护
3、部署私有应用程序
二、检查本地dokcer状态
[root@master ~]# docker version
Client: Docker Engine - Community
Version: 20.10.17
API version: 1.41
Go version: go1.17.11
Git commit: 100c701
Built: Mon Jun 6 23:05:12 2022
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.17
API version: 1.41 (minimum version 1.12)
Go version: go1.17.11
Git commit: a89b842
Built: Mon Jun 6 23:03:33 2022
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: v1.6.1
GitCommit: 10f428dac7cec44c864e1b830a4623af27a9fc70
runc:
Version: 1.1.0
GitCommit: v1.1.0-0-g067aaf85
docker-init:
Version: 0.19.0
GitCommit: de40ad0
三、Registry的工作流程图
四、修改daemon.json文件
1.重新配置daemon.json文件
[root@master ~]# cat /etc/docker/daemon.json
{ "registry-mirrors": ["https://dfhd6uft7h.mirror.aliyuncs.com"] }
{
"insecure-registries": ["192.168.3.146:5000"]
}
2.重启docker服务
[root@master ~]# systemctl daemon-reload
[root@master ~]# systemctl restart docker.service
五、运行registry容器
1.搜索registry镜像版本
[root@master ~]# docker search registry
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
registry The Docker Registry 2.0 implementation for s… 3632 [OK]
jhipster/jhipster-registry JHipster Registry, based on Netflix Eureka a… 58 [OK]
distribution/registry WARNING: NOT the registry official image!!! … 57 [OK]
google/docker-registry Docker Registry w/ Google Cloud Storage driv… 49
apache/nifi-registry Unofficial convenience binaries for Apache N… 37
docker/dtr Docker Trusted Registry 14
ibmcom/isam-openldap This image provides a user registry which ca… 10
vmware/registry 6
docker/migrator Tool to migrate Docker images from a v1 regi… 5 [OK]
ibmcom/verify-access-openldap This image provides a user registry which ca… 3
ibmcom/registry-ppc64le Docker Image for IBM Cloud Private-CE (Commu… 2
snyk/container-registry-agent Container registry agent allows securely con… 1
silintl/registry-proxy A reverse proxy for the Docker Registry 2.0 1 [OK]
ibmcom/registry Docker Image for IBM Cloud private-CE (Commu… 1
ibmcom/registry-s390x 1
okteto/registry-auth 0
astronomerinc/ap-registry Docker registry for the Astronomer Platform. 0
ibmcom/registry-amd64 0
kope/registry 0
okteto/registry-configurator 0
okteto/registry 0
ibmcom/reg-crawler Docker Image for IBM Cloud Private-CE (Commu… 0
docker/trusted-registry-index Search Index for Docker Trusted Registry 0
vmware/registry-photon 0
drud/registry 0
2.拉取registry镜像
[root@master ~]# docker pull registry:2.8
2.8: Pulling from library/registry
2408cc74d12b: Pull complete
ea60b727a1ce: Pull complete
c87369050336: Pull complete
e69d20d3dd20: Pull complete
fc30d7061437: Pull complete
Digest: sha256:bedef0f1d248508fe0a16d2cacea1d2e68e899b2220e2258f1b604e1f327d475
Status: Downloaded newer image for registry:2.8
docker.io/library/registry:2.8
3.创建挂载目录
mkdir -p /data/docker_registry
4.运行容器
[root@master ~]# docker run -d --name registry -p 5000:5000 -v /data/docker_registry:/var/lib/registry registry:2.8
1a0b525a22937f4dfc1d47d9418016598406698e0aeac46001ba9cebff65799e
5.查看registry容器
[root@master ~]# docker ps |grep reg
1a0b525a2293 registry:2.8 "/entrypoint.sh /etc…" 41 seconds ago Up 40 seconds 0.0.0.0:5000->5000/tcp, :::5000->5000/tcp registry
六、测试registry地址
[root@master ~]# curl http://192.168.3.146:5000/v2/_catalog
{"repositories":[]}
七、修改镜像仓库的权限
1.进入registry容器
[root@master ~]# docker exec -it 1a0b525a2293 /bin/sh
/ #
2.修改config.yml
/ # cat /etc/docker/registry/config.yml
version: 0.1
log:
fields:
service: registry
storage:
cache:
blobdescriptor: inmemory
filesystem:
rootdirectory: /var/lib/registry
delete:
enabled: true
http:
addr: :5000
headers:
X-Content-Type-Options: [nosniff]
health:
storagedriver:
enabled: true
interval: 10s
threshold: 3
/ #
八、上传镜像到私有镜像仓库
1.给要上传镜像打上标签
docker tag registry:2.8 192.168.3.146:5000/registry:V2.0-person
2.查看本地镜像列表
[root@master ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 5.7 459651132a11 8 hours ago 429MB
mysql latest 33037edcac9b 8 hours ago 444MB
yourls latest c86efd6f02cd 11 hours ago 468MB
192.168.3.146:5000/registry V2.0-person 773dbf02e42e 6 weeks ago 24.1MB
registry 2.8 773dbf02e42e 6 weeks ago 24.1MB
registry V2.0-person 773dbf02e42e 6 weeks ago 24.1MB
3.修改docker启动参数
①修改docker启动参数
[root@master ~]# grep 5000 /lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --insecure-registry 192.168.3.146:5000
②重启docker服务
[root@master ~]# systemctl daemon-reload
[root@master ~]# systemctl restart docker.service
4.上传镜像到私有镜像仓库
[root@master ~]# docker push 192.168.3.146:5000/registry:V2.0-person
The push refers to repository [192.168.3.146:5000/registry]
a1d94f4a4c89: Pushed
1d80677cd085: Pushed
58548fced558: Pushed
79f02b258438: Pushed
24302eb7d908: Pushed
V2.0-person: digest: sha256:affdb68e24c93262ee98a5bdc371e8f631568e9b4401375e7a0ecc705ac526b2 size: 1363
5.查看镜像仓库上传的镜像
[root@master ~]# curl -XGET http://192.168.3.146:5000/v2/_catalog
{"repositories":["registry"]}
九、registry镜像仓库的管理
1.查看镜像的详细信息
[root@master ~]# curl --header "Accept: application/vnd.docker.distribution.manifest.v2+json" -I -XHEAD http://192.168.3.146:5000/v2/registry/manifests/V2.0-person
HTTP/1.1 200 OK
Content-Length: 1363
Content-Type: application/vnd.docker.distribution.manifest.v2+json
Docker-Content-Digest: sha256:affdb68e24c93262ee98a5bdc371e8f631568e9b4401375e7a0ecc705ac526b2
Docker-Distribution-Api-Version: registry/2.0
Etag: "sha256:affdb68e24c93262ee98a5bdc371e8f631568e9b4401375e7a0ecc705ac526b2"
X-Content-Type-Options: nosniff
Date: Wed, 13 Jul 2022 15:14:57 GMT
2.删除镜像的元数据
[root@master ~]# curl -v -X DELETE http://192.168.3.146:5000/v2/registry/manifests/sha256:affdb68e24c93262ee98a5bdc371e8f631568e9b4401375e7a0ecc705ac526b2
* About to connect() to 192.168.3.146 port 5000 (#0)
* Trying 192.168.3.146...
* Connected to 192.168.3.146 (192.168.3.146) port 5000 (#0)
> DELETE /v2/registry/manifests/sha256:affdb68e24c93262ee98a5bdc371e8f631568e9b4401375e7a0ecc705ac526b2 HTTP/1.1
> User-Agent: curl/7.29.0
> Host: 192.168.3.146:5000
> Accept: */*
>
< HTTP/1.1 202 Accepted
< Docker-Distribution-Api-Version: registry/2.0
< X-Content-Type-Options: nosniff
< Date: Wed, 13 Jul 2022 15:16:52 GMT
< Content-Length: 0
<
* Connection #0 to host 192.168.3.146 left intact
3.彻底清空镜像
[root@master ~]# docker exec -it 1a0b525a2293 /bin/sh
/ # cd /var/lib/registry/
/var/lib/registry # du -sh /var/lib/registry/
8.8M /var/lib/registry/
/var/lib/registry # cd ../
/var/lib # ls
apk misc registry udhcpd
/var/lib # registry garbage-collect /etc/docker/registry/config.yml
registry
0 blobs marked, 7 blobs and 0 manifests eligible for deletion
blob eligible for deletion: sha256:affdb68e24c93262ee98a5bdc371e8f631568e9b4401375e7a0ecc705ac526b2
INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/af/affdb68e24c93262ee98a5bdc371e8f631568e9b4401375e7a0ecc705ac526b2 go.version=go1.16.15 instance.id=9ee52fce-b4a4-4671-a7eb-9304a7eddf8f service=registry
blob eligible for deletion: sha256:c87369050336f0361a8293961bc91964bfec56117b1d12c3b1cc7b8a6450f88b
INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/c8/c87369050336f0361a8293961bc91964bfec56117b1d12c3b1cc7b8a6450f88b go.version=go1.16.15 instance.id=9ee52fce-b4a4-4671-a7eb-9304a7eddf8f service=registry
blob eligible for deletion: sha256:e69d20d3dd20002b58c1769fa21e355860b3d977b758de5aae93af9692179521
INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/e6/e69d20d3dd20002b58c1769fa21e355860b3d977b758de5aae93af9692179521 go.version=go1.16.15 instance.id=9ee52fce-b4a4-4671-a7eb-9304a7eddf8f service=registry
blob eligible for deletion: sha256:ea60b727a1ce729d031ec1e4f2521a246e71bdb72d3fd9c9c04711cce80e1722
INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/ea/ea60b727a1ce729d031ec1e4f2521a246e71bdb72d3fd9c9c04711cce80e1722 go.version=go1.16.15 instance.id=9ee52fce-b4a4-4671-a7eb-9304a7eddf8f service=registry
blob eligible for deletion: sha256:fc30d7061437e87abdd8b0ae689d384ea38481eb040af340e7f7feb20537a88b
INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/fc/fc30d7061437e87abdd8b0ae689d384ea38481eb040af340e7f7feb20537a88b go.version=go1.16.15 instance.id=9ee52fce-b4a4-4671-a7eb-9304a7eddf8f service=registry
blob eligible for deletion: sha256:2408cc74d12b6cd092bb8b516ba7d5e290f485d3eb9672efc00f0583730179e8
INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/24/2408cc74d12b6cd092bb8b516ba7d5e290f485d3eb9672efc00f0583730179e8 go.version=go1.16.15 instance.id=9ee52fce-b4a4-4671-a7eb-9304a7eddf8f service=registry
blob eligible for deletion: sha256:773dbf02e42e2691c752b74e9b7745623c4279e4eeefe734804a32695e46e2f3
INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/77/773dbf02e42e2691c752b74e9b7745623c4279e4eeefe734804a32695e46e2f3 go.version=go1.16.15 instance.id=9ee52fce-b4a4-4671-a7eb-9304a7eddf8f service=registry
/var/lib #