Home>Article>Operation and Maintenance> How to build a docker private warehouse
In Docker, when we execute the docker pull xxx command, we may be curious about where docker will search and What about downloading the image?
Related recommendations:docker tutorial
Question answer:
It actually goes from the registry.hub.docker.com address Search, this is the public warehouse provided by the Docker company. The above image is available to everyone and can be used. Therefore, we can also bring the warehouse address to pull the image, such as: docker pull registry.hub.docker.com/library/alpine, but be aware that the default name of the image downloaded in this way will be longer.
If we want to use Docker in the company, it is basically impossible for us to upload commercial projects to a public warehouse. So what can we do if we want to share it with multiple machines?
Because of this need, private warehouses come into play.
The so-called private warehouse is something similar to a public warehouse built locally (LAN). After it is built, we can submit the image to the private warehouse. In this way, we can use Docker to run our project images and avoid the risk of commercial projects being exposed.
Below we use the official registry image to build a private image warehouse. Of course, there are many other methods.
Prepare two servers with docker installed: Server machine (host name is registry): docker private warehouse server, running registry container; Test machine (host name is node): Ordinary docker server, download a test image nginx on this server, and then upload it to the registry server for testing;
Download image registry
# docker pull registryUsing default tag: latest latest: Pulling from library/registry 81033e7c1d6a: Pull complete b235084c2315: Pull complete c692f3a6894b: Pull complete ba2177f3a70e: Pull complete a8d793620947: Pull complete Digest: sha256:672d519d7fd7bbc7a448d17956ebeefe225d5eb27509d8dc5ce67ecb4a0bce54 Status: Downloaded newer image for registry:latest复制代码
View image
# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZE registry latest f32a97de94e1 3 months ago 25.8 MB复制代码
Run registry container
# docker run -itd -v /data/registry:/var/lib/registry -p 5000:5000 --restart=always --name registry registry:latest
06a972de6218b1f1c3bf9b53eb9068dc66d147d14e18a89ab51db13e339d3dc9
Parameter description -itd: Open a pseudo terminal in the container for interactive operations and run it in the background; -v: Bind the host's /data/registry directory to the container's /var/lib/registry directory (this directory is the directory where image files are stored in the registry container) to achieve data persistence; -p: Mapping port; accessing the 5000 port of the host will access the service of the registry container; --restart=always: This is the restart strategy. If the container exits abnormally, the container will be automatically restarted; --name registry: Create a container named registry, you can name it whatever you want; registry:latest: This is the image that was just pulled;
Test all the images in the image warehouse
# curl http://127.0.0.1: 5000/v2/_catalog
{"repositories":[]}
is now empty because it has just been run and there is no image content in it.
Modify the source and image warehouse
# vim /etc/docker/daemon.json{"registry-mirrors": [ "https://registry.docker-cn.com"] }# systemctl restart docker复制代码
Download nginx image
# docker pull nginx# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZE nginx latest 719cd2e3ed04 2 weeks ago 109MB复制代码
Tag the image
# docker tag nginx:latest registry服务器:5000/nginx:kurisu复制代码
Format description: Usage: docker tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG]
nginx:lastest
This is the source image and the image file that was just pulled;registry server:5000/nginx:kurisu
This is the target Mirror is also the IP address and port of the registry's private mirror server;
View the effect
# docker images REPOSITORY TAG IMAGE ID CREATED SIZE registry服务器:5000/nginx kurisu 719cd2e3ed04 2 weeks ago 109MB nginx latest 719cd2e3ed04 2 weeks ago 109MB复制代码
Upload to the mirror server
# docker push registry服务器:5000/nginxThe push refers to repository [registry服务器:5000/nginx] Get https://registry服务器:5000/v2/: http: server gave HTTP response to HTTPS client复制代码
This is an error, The https method is required to upload. We can modify daemon.json to solve the problem:
[root@node ~]# vim /etc/docker/daemon.json { "registry-mirrors": [ "https://registry.docker-cn.com"], "insecure-registries": [ "registry服务器:5000"] }复制代码
Add the address of the private mirror server. Note that the writing format is json. There are strict writing requirements, and then restart the docker service:# systemctl restart docker
Upload again:
# docker push registry服务器:5000/nginxThe push refers to repository [registry服务器:5000/nginx] d7acf794921f: Pushed d9569ca04881: Pushed cf5b3c6798f7: Pushed kurisu: digest: sha256:079aa93463d2566b7a81cbdf856afc6d4d2a6f9100ca3bcbecf24ade92c9a7fe size: 948复制代码
Test download image
The upload test is no problem, let’s test it from the registry server Download the busybox image just uploaded, first delete the image on the node host:
# docker rmi -f $(docker images -aq)Untagged: registry服务器:5000/nginx:kurisu Untagged: registry服务器:5000/nginx@sha256:079aa93463d2566b7a81cbdf856afc6d4d2a6f9100ca3bcbecf24ade92c9a7fe Untagged: nginx:latest Untagged: nginx@sha256:bdbf36b7f1f77ffe7bd2a32e59235dff6ecf131e3b6b5b96061c652f30685f3a Deleted: sha256:719cd2e3ed04781b11ed372ec8d712fac66d5b60a6fb6190bf76b7d18cb50105 Deleted: sha256:e9b6506fb887de50972aefd99d7c5eb56b1a8e757ed953cdfecb86b5359bcb22 Deleted: sha256:55d9d9692a9615a28d183a42bc3881a72a39393feba3664e669e7affb78daa76 Deleted: sha256:cf5b3c6798f77b1f78bf4e297b27cfa5b6caa982f04caeb5de7d13c255fd7a1e复制代码
Check that all the images on the node host have been deleted:
# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZE复制代码
Then, download the nginx image from the registry server :
# docker pull registry服务器:5000/nginx:kurisukurisu: Pulling from nginxfc7181108d40: Pull complete c4277fc40ec2: Pull complete 780053e98559: Pull complete Digest: sha256:079aa93463d2566b7a81cbdf856afc6d4d2a6f9100ca3bcbecf24ade92c9a7fe Status: Downloaded newer image for registry服务器:5000/nginx:kurisu复制代码
View the image on the node host:
# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZE registry服务器:5000/nginx kurisu 719cd2e3ed04 2 weeks ago 109MB复制代码
# curl http://registry服务器:5000/v2/_catalog{"repositories":["nginx"]}复制代码
# curl http://registry服务器:5000/v2/nginx/tags/list{"name":"nginx","tags":["kurisu"]}复制代码
The above is the detailed content of How to build a docker private warehouse. For more information, please follow other related articles on the PHP Chinese website!