本文實例講述了CentOS7.2服務器上搭建Docker私有鏡像倉庫操作����。分享給大家供大家參考,具體如下:
鑒于國內pull鏡像的速度較慢��,很有必要搭建docker私有或者本地鏡像倉庫�����。
安裝docker
# yum -y install docker# systemctl start docker && systemctl enable docker
使用自簽名進行安全認證
創建存放證書和密鑰的certs目錄
# mkdir -p /docker/certs# chcon -Rt svirt_sandbox_file_t /docker/certs/
修改/etc/pki/tls/openssl.cnf配置文件
在該文件的[ v3_ca ]配置項中添加鏡像倉庫IP地址:
[ v3_ca ]# Extensions for a typical CAsubjectAltName = IP:192.168.120.128
生成證書和密鑰
# cd /docker && openssl req /-newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key /-x509 -days 365 -out certs/domain.crt# mkdir -p /etc/docker/certs.d/192.168.120.128:5000/# cp certs/domain.crt /etc/docker/certs.d/192.168.120.128/:5000/ca.crt
創建存放鏡像文件的后端存儲
# mkdir -p /docker/data/private_registry# chcon -Rt svirt_sandbox_file_t /docker/data/private_registry
重新啟動docker daemon
# systemctl restart docker
啟動私有鏡像倉庫
# docker run /-d /--name private_registry --restart=always /-u root /-p 5000:5000 /-v /docker/data/private_registry:/var/lib/registry /-v /docker/certs:/certs /-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt /-e REGISTRY_HTTP_TLS_KEY=/certs/domain.key /registry:2
Docker加速器
該加速器可在pull鏡像較慢時配置實用���。
復制代碼代碼如下:
# curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://c282dc88.m.daocloud.io
測試
本地測試
# docker pull ubuntu# docker tag ubuntu 192.168.120.128:5000/ubuntu# docker pull 192.168.120.128:5000/ubuntuUsing default tag: latestTrying to pull repository 192.168.120.128:5000/ubuntu ...latest: Pulling from 192.168.120.128:5000/ubuntuDigest: sha256:382452f82a8bbd34443b2c727650af46aced0f94a44463c62a9848133ecb1aa8
遠程測試
在另一臺主機上執行以下命令進行測試:
# mkdir -p /etc/docker/certs.d/192.168.120.128:5000/# scp 192.168.120.128:/etc/docker/certs.d/192.168.120.128/:5000/ca.crt /etc/docker/certs.d/192.168.120.128/:5000/# systemctl restart docker# docker pull 192.168.120.128:5000/ubuntuUsing default tag: latestTrying to pull repository 192.168.120.128:5000/ubuntu ...latest: Pulling from 192.168.120.128:5000/ubuntub6f892c0043b: Pull complete55010f332b04: Pull complete2955fb827c94: Pull complete3deef3fcbd30: Pull completecf9722e506aa: Pull completeDigest: sha256:382452f82a8bbd34443b2c727650af46aced0f94a44463c62a9848133ecb1aa8
希望本文所述對大家Docker容器使用有所幫助。
注:相關教程知識閱讀請移步到服務器教程頻道��。
