docker搭建私有仓库

一、宿主机安装

1.extras源中下载安装distributon包

编写源

[extras]
name=extra
baseurl=https://mirrors.aliyun.com/centos-vault/7.9.2009/extras/x86_64/
gpgcheck=0

安装docker-distribution

yum install docker-distribution -y

查看安装后相关文件存放路径
[root@docker-learn yum.repos.d]# rpm -ql docker-distribution
/etc/docker-distribution/registry/config.yml
/usr/bin/registry
/usr/lib/systemd/system/docker-distribution.service
/usr/share/doc/docker-distribution-2.6.2
/usr/share/doc/docker-distribution-2.6.2/AUTHORS
/usr/share/doc/docker-distribution-2.6.2/CONTRIBUTING.md
/usr/share/doc/docker-distribution-2.6.2/LICENSE
/usr/share/doc/docker-distribution-2.6.2/MAINTAINERS
/usr/share/doc/docker-distribution-2.6.2/README.md
/var/lib/registry

docker 上传下载默认只支持https协议，搭建的私有仓库是http协议。因此要在daemon.json文件中添加insecure-registries

"insecure-registries": ["192.168.157.10:5000"]

[root@docker-learn ~]# systemctl daemon-reload
[root@docker-learn ~]# systemctl restart docker

2、仓库上传镜像，进行拉取

1）打包镜像

[root@docker-learn yum.repos.d]# docker tag busybox:latest 192.168.157.10:5000/busybox1:v1

2）启动镜像仓库

[root@docker-learn yum.repos.d]# systemctl start docker-distribution.service

3）将镜像push到私有仓库

[root@docker-learn yum.repos.d]# docker push 192.168.157.10:5000/busybox1:v1
The push refers to repository [192.168.157.10:5000/busybox1]
01fd6df81c8e: Pushed
v1: digest: sha256:62ffc2ed7554e4c6d360bce40bbcf196573dd27c4ce080641a2c59867e732dee size: 527
[root@docker-learn repositories]# ls
busybox1
[root@docker-learn repositories]# pwd
/var/lib/registry/docker/registry/v2/repositories

4）删除刚才打包的镜像

[root@docker-learn repositories]# docker image rm 192.168.157.10:5000/busybox1:v1
Untagged: 192.168.157.10:5000/busybox1:v1
Untagged: 192.168.157.10:5000/busybox1@sha256:62ffc2ed7554e4c6d360bce40bbcf196573dd27c4ce080641a2c59867e732dee

5）从私有仓库拉取刚才上传的镜像

[root@docker-learn repositories]# docker pull 192.168.157.10:5000/busybox1:v1
v1: Pulling from busybox1
Digest: sha256:62ffc2ed7554e4c6d360bce40bbcf196573dd27c4ce080641a2c59867e732dee
Status: Downloaded newer image for 192.168.157.10:5000/busybox1:v1
192.168.157.10:5000/busybox1:v1
[root@docker-learn repositories]# docker images | grep 192.168.157.10
192.168.157.10:5000/busybox1   v1            beae173ccac6   14 months ago   1.24MB

二、下载镜像registry开启容器

1.拉取registry

docker pull registry

1.1修改daemon.json文件

[root@docker-learn registry]# cat /etc/docker/daemon.json
{
  "registry-mirrors":["https://registry.docker-cn.com"],
  "insecure-registries": ["192.168.157.10:5000","192.168.157.10:5555"]
}

1.2重启docker

[root@docker-learn registry]# systemctl daemon-reload
[root@docker-learn registry]# systemctl restart docker

2、开启容器

2.1启动registry容器，进行数据卷挂载（主要是用来数据卷来存储镜像，不至于镜像随着容器丢失而丢失），端口映射

[root@docker-learn ~]# docker run -d --name=registry_test -v /data/registry:/var/lib/registry -p 5555:5000 registry:latest
3825e6f3579e7afaa8cffaaa7390dcf00f39a095d6194a6e8c95c665571dd848

2.2尝试push镜像到registry容器并进行pull

1）将需要push的包打标签

[root@docker-learn registry]# docker tag busybox:latest 192.168.157.10:5555/busybox:v1

2）从对应端口push包

[root@docker-learn registry]# docker push 192.168.157.10:5555/busybox:v1

3）可以看到已存到指定的宿主机目录下

[root@docker-learn repositories]# pwd
data/registry/docker/registry/v2/repositories
[root@docker-learn repositories]# ls
busybox

4）尝试push

[root@docker-learn repositories]# docker pull 192.168.157.10:5555/busybox:v1
v1: Pulling from busybox
Digest: sha256:62ffc2ed7554e4c6d360bce40bbcf196573dd27c4ce080641a2c59867e732dee
Status: Downloaded newer image for 192.168.157.10:5555/busybox:v1
192.168.157.10:5555/busybox:v1
[root@docker-learn repositories]# docker images | grep 5555
192.168.157.10:5555/busybox    v1            beae173ccac6   14 months ago   1.24MB/

三、搭建私有仓库harbor

1.下载文本编排工具docker-compose

curl -L https://github.com/docker/compose/releases/download/1.23.2/docker-compose-Linux-x86_64 -o /usr/local/bin/docker-compose

文件增加执行权限

[root@docker-learn bin]# chmod +x docker-compose
[root@docker-learn bin]# ll
total 20
-rwxr-xr-x. 1 root root 18906 Mar 18 21:40 docker-compose
[root@docker-learn bin]# pwd
/usr/local/bin

2.添加硬盘存放数据

添加了一块SCSI 5G进行磁盘分区
$ fdisk -l
$ fdisk /dev/sdb
磁盘格式化
[root@docker-learn ~]# mkfs.ext4 /dev/sdb1

磁盘进行挂载
第一种：
[root@docker-learn ~]# mkdir /harbor_m/ && mount /dev/sdb1 /harbor_m/
第二种：
[root@docker-learn ~]# vim /etc/fstab
/dev/sdb1 /harbor_m/                            ext4    defaults        0 0
[root@docker-learn ~]# mount -a

3.安装搭建Harbor

3.1 获取安装包

[root@docker-learn ~]# wget -c https://storage.googleapis.com/harbor-releases/release-1.7.0/harbor-offline-installer-v1.7.1.tgz
[root@docker-learn ~]# ls
anaconda-ks.cfg  docker_build  harbor-offline-installer-v1.7.1.tgz  nginx_alpine.tar.gz  nginx_tes
[root@docker-learn ~]# tar -xf harbor-offline-installer-v1.7.1.tgz -C /harbor_m/
[root@docker-learn ~]# cd /harbor_m/
[root@docker-learn harbor]# vim harbor.cfg 

3.2 安装启动harbor

3.2.1查看监听情况

[root@docker-learn harbor]# netstat -lnupt | grep docker
[root@docker-learn harbor]# ss -lnupt | grep docker
 #账号和密码在harbor.cfg文件中

​

在daemon.json文件中配置信任私有仓库

vim /etc/docker/daemon.json
"insecure-registries": ["192.168.157.10:80"]


#重新加载文件启动docker
systemctl daemon-reload
systemctl restart docker

  此时因为重启了docker因此要将容器进行启动

docker-compose up -d

在网页上新建项目

3.3上传和拉取镜像

#添加解析

[root@docker-learn harbor]# vim /etc/hosts
192.168.157.10 docker_test

#镜像仓库登录​

[root@docker-learn harbor]# docker login 192.168.157.10:80
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
​
Login Succeeded

#打包镜像并上传

[root@docker-learn harbor]# docker image tag busybox:latest 192.168.157.10:80/test/busybox:v1
[root@docker-learn harbor]# docker push 192.168.157.10:80/test/busybox:v1
The push refers to repository [192.168.157.10:80/test/busybox]
01fd6df81c8e: Pushed
v1: digest: sha256:62ffc2ed7554e4c6d360bce40bbcf196573dd27c4ce080641a2c59867e732dee size: 527

#拉取镜像

[root@docker-learn harbor]# docker image rm 192.168.157.10:80/test/busybox:v1
[root@docker-learn harbor]# docker image pull 192.168.157.10:80/test/busybox:v1
v1: Pulling from test/busybox
Digest: sha256:62ffc2ed7554e4c6d360bce40bbcf196573dd27c4ce080641a2c59867e732dee
Status: Downloaded newer image for 192.168.157.10:80/test/busybox:v1

​