我是靠谱客的博主 可爱咖啡,最近开发中收集的这篇文章主要介绍Docker学习笔记(四) —— 镜像仓库制作(公有+私有+Harbor)一、官方仓库二、docker本地容器镜像仓库,觉得挺不错的,现在分享给大家,希望可以做个参考。

概述

文章目录

  • 一、官方仓库
    • 1.官方镜像仓库
      • 1) web页面登录
      • 2) Linux命令行登录
    • 2. dockerhup镜像上传、下载
      • 1) 镜像上传
      • 2) 镜像下载
    • 3. 镜像加速器
      • 1) 阿里云加速器
  • 二、docker本地容器镜像仓库
    • 1.使用registry容器镜像实现本地非安全镜像仓库
      • 1) 下载registry容器镜像
      • 2) 创建用于挂载至registry镜像启动的仓库中,便于容器镜像持久保存
      • 3) 启动容器获取镜像仓库
      • 4) 验证是否可用
      • 5) 在其它主机中使用此镜像仓库
    • 2. 使用Harbor实现本地通过web进行管理的非安全仓库
      • 1) 工具准备
      • 2) 获取harbor
      • 3) 启动
      • 4) 镜像上传下载操作


一、官方仓库

  • 公有仓库
  • 私有仓库

1.官方镜像仓库

公有的官方镜像仓库dockerhub

1) web页面登录

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-yat5lnmc-1664954641407)(assets/1664867411222.png)]

在这里插入图片描述

在这里插入图片描述

2) Linux命令行登录

[root@docker ~]# docker login
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.
Username: hehayu # 用户
Password:
# 密码
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
退出登录
[root@docker ~]# docker logout
Removing login credentials for https://index.docker.io/v1/

2. dockerhup镜像上传、下载

1) 镜像上传

我们从dockerhub上下载的公开镜像是不能直接上传的,要先tag(打标签,类似于重新指定路径并命名)

[root@docker ~]# docker images
REPOSITORY
TAG
IMAGE ID
CREATED
SIZE
centos
latest
5d0da3dc9764
12 months ago
231MB
[root@docker ~]# docker tag centos:latest hehayu/centos:v1
[root@docker ~]# docker images
REPOSITORY
TAG
IMAGE ID
CREATED
SIZE
hehayu/centos
v1
5d0da3dc9764
12 months ago
231MB
centos
latest
5d0da3dc9764
12 months ago
231MB

把已打标记的容器镜像上传到公有仓库

[root@docker ~]# docker login
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.
Username: hehayu
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@docker ~]# docker push hehayu/centos:v1
The push refers to repository [docker.io/hehayu/centos]
74ddd0ec08fa: Mounted from library/centos
v1: digest: sha256:a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3aab063a7fdb9dc size: 529

在这里插入图片描述

2) 镜像下载

可以先删除掉原来的镜像

[root@docker ~]# docker images
REPOSITORY
TAG
IMAGE ID
CREATED
SIZE
[root@docker ~]# docker pull hehayu/centos:v1
v1: Pulling from hehayu/centos
a1d0c7532777: Already exists
Digest: sha256:a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3aab063a7fdb9dc
Status: Downloaded newer image for hehayu/centos:v1
docker.io/hehayu/centos:v1
[root@docker ~]# docker images
REPOSITORY
TAG
IMAGE ID
CREATED
SIZE
hehayu/centos
v1
5d0da3dc9764
12 months ago
231MB

3. 镜像加速器

1) 阿里云加速器

在这里插入图片描述

在这里插入图片描述

在这里插入图片描述

修改/etc/docker/daemon.json

重启服务

systemctl daemon-reload
systemctl restart docker

二、docker本地容器镜像仓库

  • 在局域内使用
  • 方便与其它系统进行集成
  • 上传下载大镜像时

环境准备

2台CentOS机器,都安装docker环境。

一台用来测试参仓库下载,一台安装registry做镜像仓库。

要在同一网段,关闭防火墙SELinux

1.使用registry容器镜像实现本地非安全镜像仓库

1) 下载registry容器镜像

 [root@registry ~]# docker pull registry
Using default tag: latest
latest: Pulling from library/registry
79e9f2f55bf5: Pull complete
0d96da54f60b: Pull complete
5b27040df4a2: Pull complete
e2ead8259a04: Pull complete
3790aef225b9: Pull complete
Digest: sha256:169211e20e2f2d5d115674681eb79d21a217b296b43374b8e39f97fcf866b375
Status: Downloaded newer image for registry:latest
docker.io/library/registry:latest
[root@registry ~]# docker images
REPOSITORY
TAG
IMAGE ID
CREATED
SIZE
registry
latest
b8604a3fe854
10 months ago
26.2MB

2) 创建用于挂载至registry镜像启动的仓库中,便于容器镜像持久保存

[root@registry ~]# mkdir /opt/dockerregistry

3) 启动容器获取镜像仓库

  • –restart=always:一种重启策略,假如物理机关机重启,容器也会自动重启,不用手动重启
  • /var/lib/registr :registry指定要挂载到的目录
[root@registry ~]# docker run -d -p 5000:5000 --restart=always -v /opt/dockerregistry:/var/lib/registry registry:latest
c9b86d83720fe550142063fdebc87adadd64a4d6840c8d471399f2d5726233db
[root@registry ~]# docker ps
CONTAINER ID
IMAGE
COMMAND
CREATED
STATUS
PORTS
NAMES
c9b86d83720f
registry:latest
"/entrypoint.sh /etc…"
7 seconds ago
Up 5 seconds
0.0.0.0:5000->5000/tcp, :::5000->5000/tcp
nostalgic_cerf

4) 验证是否可用

[root@registry ~]# curl http://192.168.44.120:5000/v2/_catalog
{"repositories":[]}
 [root@registry ~]# vim /etc/docker/daemon.json
{
"insecure-registries": ["http://192.168.44.120:5000"]
}
[root@registry ~]# systemctl restart docker
给镜像打标记
[root@registry ~]# docker images
REPOSITORY
TAG
IMAGE ID
CREATED
SIZE
registry
latest
b8604a3fe854
10 months ago
26.2MB
centos
latest
5d0da3dc9764
12 months ago
231MB
[root@registry ~]# docker tag centos:latest 192.168.44.120:5000/centos:v1
[root@registry ~]# docker images
REPOSITORY
TAG
IMAGE ID
CREATED
SIZE
registry
latest
b8604a3fe854
10 months ago
26.2MB
192.168.44.120:5000/centos
v1
5d0da3dc9764
12 months ago
231MB
centos
latest
5d0da3dc9764
12 months ago
231MB

上传到仓库

[root@registry ~]# docker push 192.168.44.120:5000/centos:v1
The push refers to repository [192.168.44.120:5000/centos]
74ddd0ec08fa: Pushed
v1: digest: sha256:a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3aab063a7fdb9dc size: 529
[root@registry ~]# ls /opt/dockerregistry/
docker
[root@registry ~]# ls /opt/dockerregistry/docker/
registry
[root@registry ~]# ls /opt/dockerregistry/docker/registry/
v2
[root@registry ~]# ls /opt/dockerregistry/docker/registry/v2/
blobs
repositories
[root@registry ~]# ls /opt/dockerregistry/docker/registry/v2/repositories/
centos

5) 在其它主机中使用此镜像仓库

第一步修改:/usr/lib/systemd/system/docker.service ,容器间互联(–link)

[root@docker ~]# vim /usr/lib/systemd/system/docker.service
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always

第二步创建:/etc/docker/daemon.json

# vim /etc/docker/daemon.json 
添加镜像仓库主机ip
"insecure-registries": ["http://192.168.122.33:5000"]

第三步:重启

[root@docker ~]# systemctl daemon-reload;systemctl restart docker

第四步:测试下载

[root@docker ~]# docker pull 192.168.44.120:5000/centos:v1
v1: Pulling from centos
a1d0c7532777: Pull complete
Digest: sha256:a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3aab063a7fdb9dc
Status: Downloaded newer image for 192.168.44.120:5000/centos:v1
192.168.44.120:5000/centos:v1
[root@docker ~]# docker images
REPOSITORY
TAG
IMAGE ID
CREATED
SIZE
192.168.44.120:5000/centos
v1
5d0da3dc9764
12 months ago
231MB

2. 使用Harbor实现本地通过web进行管理的非安全仓库

  • vmware公司开源
  • 良好的中文界面
  • web管理界面
  • 使用广泛

环境准备

1) 工具准备

  • 使用docker-compose工具进行启动

在这里插入图片描述

在harbor机器上安装并启动docker


# yum install -y yum-utils device-mapper-persistent-data lvm2
# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
# yum repolist
# yum -y install docker-ce
# systemctl start docker

再安装 compose

[root@harhor ~]# curl -L "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
% Total
% Received % Xferd
Average Speed
Time
Time
Time
Current
Dload
Upload
Total
Spent
Left
Speed
0
0
0
0
0
0
0
0 --:--:-- --:--:-- --:--:--
0
100 11.6M
100 11.6M
0
0
2568k
0
0:00:04
0:00:04 --:--:-- 3427k
将可执行权限应用于二进制文件
[root@harhor ~]# chmod +x /usr/local/bin/docker-compose
创建指向/usr/bin或路径中任何其他目录的符号链接
[root@harhor ~]# ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
[root@harhor ~]# docker-compose version
docker-compose version 1.27.4, build 40524192
docker-py version: 4.3.1
CPython version: 3.7.7
OpenSSL version: OpenSSL 1.1.0l
10 Sep 2019
查看版本
docker-compose version

2) 获取harbor

harbor下载地址

我这里是tar xf harbor-offline-installer-v1.10.14.tgz版本

[root@harhor ~]# tar xf harbor-offline-installer-v1.10.14.tgz
[root@harhor ~]# cd harbor
[root@harhor harbor]# vim harbor.yml
把这一项修改为本机ip
hostname: 192.168.44.110
默认的admin密码
harbor_admin_password: Harbor12345

3) 启动

# ./install.sh
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating harbor-portal ... done
Creating harbor-db
... done
Creating redis
... done
Creating registry
... done
Creating registryctl
... done
Creating harbor-core
... done
Creating harbor-jobservice ... done
Creating nginx
... done
✔ ----Harbor has been installed and started successfully.----

在浏览器上访问http://本机ip

在这里插入图片描述

在这里插入图片描述

公开项目: 下载镜像不需要docker login登录,但上传镜像还是需要docker
login登录
私有项目: 都需要docker login登录才以上传下载

4) 镜像上传下载操作

在docker主机下载一个随便下一个镜像测试,并打上标记

[root@docker ~]# docker pull centos

[root@docker ~]# docker images
REPOSITORY
TAG
IMAGE ID
CREATED
SIZE
centos
latest
5d0da3dc9764
12 months ago
231MB
[root@docker ~]# docker tag centos:latest 192.168.44.110/test/centos-test:v1

[root@docker ~]# docker images
REPOSITORY
TAG
IMAGE ID
CREATED
SIZE
192.168.44.110/test/centos-test
v1
5d0da3dc9764
12 months ago
231MB
centos
latest
5d0da3dc9764
12 months ago
231MB

在docker主机上安装docker,并修改配置文件

因为docker用https通讯,所以还需要做证书,太麻烦。
配置"insecure-registries": [“harbor服务器IP”]来使用http通讯

[root@docker ~]# vim /etc/docker/daemon.json
{
"insecure-registries": ["http://192.168.44.110"]
}
重启docker
# systemctl restart docekr

在这里插入图片描述

上传镜像

[root@docker ~]# docker login http://192.168.44.110
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@docker ~]# docker push 192.168.44.110/test/centos-test:v1
The push refers to repository [192.168.44.110/test/centos-test]
74ddd0ec08fa: Pushed
v1: digest: sha256:a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3aab063a7fdb9dc size: 529

回到网页查看

在这里插入图片描述


最后

以上就是可爱咖啡为你收集整理的Docker学习笔记(四) —— 镜像仓库制作(公有+私有+Harbor)一、官方仓库二、docker本地容器镜像仓库的全部内容,希望文章能够帮你解决Docker学习笔记(四) —— 镜像仓库制作(公有+私有+Harbor)一、官方仓库二、docker本地容器镜像仓库所遇到的程序开发问题。

如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。

本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
点赞(54)

评论列表共有 0 条评论

立即
投稿
返回
顶部