centos7.2定制属于自己的docker私有库

erwewwewe · 发表于 2017-3-16 14:04:37

解决http协议的问题：
方法一：解决HTTPS问题
安装nginx，配置HTTPS协议
方法二：修改docker的配置文件
vim /etc/default/docker增加

1	OPTIONS="--insecure-registry 192.168.10.249:5000"

准备配置环境：

主机名	主机IP	服务
docker-images	10.0.0.5	docker 私有库库配置
	10.0.0.6	docker 客户端

1
2
3
4
5
6
7
8
9

[iyunv@docker-images ~]# cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
[iyunv@docker-images ~]# uname -r
3.10.0-327.el7.x86_64
[iyunv@docker-images ~]# uname -m
x86_64
[iyunv@docker-images ~]# uname -a
Linux docker-images 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
[iyunv@docker-images ~]#

开始配置（镜像库）
1、关闭防火墙和selinux

1
2
3
4
5
6

[iyunv@docker-images ~]# systemctl stop firewalld
[iyunv@docker-images ~]# systemctl disable firewalld #永久
[iyunv@docker-images ~]# setenforce 0
[iyunv@docker-images ~]# getenforce
Permissive
[iyunv@docker-images ~]#

2、安装docker

1
2
3

yum install docker
[iyunv@docker-images ~]# systemctl enable docker #加入开机自启动
[iyunv@docker-images ~]# systemctl start docker #开启服务

3、下载本地私有库registry

1
2
3
4
5

[iyunv@docker-images ~]# docker pull registry #默认下载最新版
[iyunv@docker-images ~]# docker images    #查看下载的镜像
REPOSITORY          TAG                IMAGE ID          CREATED          SIZE
docker.io/registry latest             047218491f8c       10 days ago       33.17 MB
[iyunv@docker-images ~]#

4、基于私有仓库镜像运行容器

1
2
3
4
5
6
7
8

[iyunv@docker-images ~]#  docker run -d -p 5000:5000 -v /opt/data/registry:/tmp/registry docker.io/registry
#默认仓库创建在/tmp/registry，用-v参数指定仓库存放位置
1e8b1a03013ee66034b40aee1820000a2ccf026a3b1e43606f3e4007b2a9d455
[iyunv@docker-images ~]#
[iyunv@docker-images ~]# docker ps #查看运行容器
CONTAINER ID       IMAGE             COMMAND                CREATED          STATUS             PORTS                   NAMES
1e8b1a03013e       docker.io/registry "/entrypoint.sh /etc/" 35 seconds ago    Up 32 seconds    0.0.0.0:5000->5000/tcp goofy_mcnulty
[iyunv@docker-images ~]#

5、访问私有仓库

1
2
3
4

[iyunv@docker-images ~]# curl 127.0.0.1:5000/v2
<a href="/v2/">Moved Permanently</a>.
[iyunv@docker-images ~]#
#说明registry部署成功

6、为基础镜像打标签

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

[iyunv@docker-images ~]# docker search  docker.io/fedora/ssh|grep docker.io/fedora/ssh
docker.io docker.io/fedora/ssh                                                                      20                [OK]
[iyunv@docker-images ~]# docker pull docker.io/fedora/ssh #下载镜像
[iyunv@docker-images ~]# docker images
REPOSITORY          TAG                IMAGE ID          CREATED          SIZE
docker.io/registry    latest             047218491f8c       10 days ago       33.17 MB
docker.io/fedora/ssh latest             ad6a3ff29626       4 weeks ago       396.7 MB
[iyunv@docker-images ~]# docker tag docker.io/fedora/ssh 127.0.0.1:5000/ssh #打标签
[iyunv@docker-images ~]# docker images
REPOSITORY          TAG                IMAGE ID          CREATED          SIZE
docker.io/registry    latest             047218491f8c       10 days ago       33.17 MB
127.0.0.1:5000/ssh    latest             ad6a3ff29626       4 weeks ago       396.7 MB
docker.io/fedora/ssh latest             ad6a3ff29626       4 weeks ago       396.7 MB
[iyunv@docker-images ~]#
[iyunv@docker-images ~]# vim /etc/sysconfig/docker
OPTIONS="--selinux-enabled  --insecure-registry 10.0.0.5:5000" #定制私有仓库URL
[iyunv@docker-images ~]# systemctl restart docker

7、提交镜像到本地私有库

1
2
3
4
5
6
7
8
9
10
11
12
13

[iyunv@docker-images ~]# docker start 1e8 #开启本地库
1e8
[iyunv@docker-images ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1e8b1a03013e docker.io/registry "/entrypoint.sh /etc/" 4 hours ago Up 3 seconds 0.0.0.0:5000->5000/tcp goofy_mcnulty
[iyunv@docker-images ~]#
[iyunv@docker-images ~]# docker push 127.0.0.1:5000/ssh #上传打好标签的库
The push refers to a repository [127.0.0.1:5000/ssh]
482d621bda33: Pushed
510f15c27a8b: Pushed
e4f86288aaf7: Pushed
latest: digest: sha256:5ad5aec14bb7aa63fdcea1772db6ab5b5de99b0a023d234e61f5aa8c9435e8ff size: 948
[iyunv@docker-images ~]#

8、查看已经上传好的镜像

1
2
3

[iyunv@docker-images ~]# curl 10.0.0.5:5000/v2/_catalog
{"repositories":["ssh"]}
[iyunv@docker-images ~]#

浏览器中查看已经上传的镜像
http://10.0.0.5:5000/v2/_catalog

9、测试库是否可用，在准备好环境的另一台测试机上面下载上传的镜像

1
2
3
4

[iyunv@centos7 ~]# vim /etc/sysconfig/docker #加入私有仓库地址
OPTIONS="--selinux-enabled --insecure-registry 10.0.0.5:5000"
[iyunv@centos7 ~]# systemctl restart docker
[iyunv@centos7 ~]# docker pull 10.0.0.5:5000/ssh

可以看到已经可以下载镜像，证明私有仓库创建成功

1
2
3
4

[iyunv@centos7 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
10.0.0.5:5000/ssh latest ad6a3ff29626 4 weeks ago 396.7 MB
[iyunv@centos7 ~]#

接下来通过自己的私有库运行一个centos7容器
1、从其他的数据库上save一个centos镜像推送到私有库服务器上

1
2
3
4
5
6
7
8
9
10
11
12

[iyunv@docker-images ~]# ls
anaconda-ks.cfg  centos.tar
[iyunv@docker-images ~]# docker load < centos.tar #将镜像导入docker
34e7b85d83e4: Loading layer [==================================================>] 199.9 MB/199.9 MB
Loaded image: docker.io/centos:latest                                        ] 557.1 kB/199.9 MB
[iyunv@docker-images ~]# docker images
REPOSITORY          TAG                IMAGE ID          CREATED          SIZE
docker.io/registry    latest             047218491f8c       10 days ago       33.17 MB
127.0.0.1:5000/ssh    latest             ad6a3ff29626       4 weeks ago       396.7 MB
docker.io/fedora/ssh latest             ad6a3ff29626       4 weeks ago       396.7 MB
docker.io/centos    latest             67591570dd29       12 weeks ago       191.8 MB
[iyunv@docker-images ~]#

2、再次打上自己的标签

1
2
3
4
5
6
7
8
9
10

[iyunv@docker-images ~]# docker tag docker.io/centos:latest  10.0.0.5:5000/lcentos
#为了区别前面的，我将centos做了其他标记
[iyunv@docker-images ~]# docker images
REPOSITORY             TAG                IMAGE ID          CREATED          SIZE
docker.io/registry    latest             047218491f8c       10 days ago       33.17 MB
127.0.0.1:5000/ssh    latest             ad6a3ff29626       4 weeks ago       396.7 MB
docker.io/fedora/ssh latest             ad6a3ff29626       4 weeks ago       396.7 MB
docker.io/centos       latest             67591570dd29       12 weeks ago       191.8 MB
10.0.0.5:5000/lcentos latest             67591570dd29       12 weeks ago       191.8 MB
[iyunv@docker-images ~]#

3、上传标记好的镜像到自己的私有库

1	[iyunv@docker-images ~]# docker push 10.0.0.5:5000/lcentos

4、查看上传好的镜像

1
2
3

[iyunv@docker-images ~]# curl http://10.0.0.5:5000/v2/_catalog
{"repositories":["lcentos","ssh"]}
[iyunv@docker-images ~]#

浏览器查看

5、再次到准备好环境的那台测试机上面pull

1
2
3
4
5
6

[iyunv@centos7 ~]# docker pull 10.0.0.5:5000/lcentos
[iyunv@centos7 ~]# docker images
REPOSITORY             TAG                IMAGE ID          CREATED          SIZE
10.0.0.5:5000/ssh    latest             ad6a3ff29626       4 weeks ago       396.7 MB
10.0.0.5:5000/lcentos latest             67591570dd29       12 weeks ago       191.8 MB
[iyunv@centos7 ~]#

6、创建并运行一个容器

1
2
3
4
5
6

[iyunv@centos7 ~]# docker run -d -it --privileged=false -p 80:80 --name abccentos 10.0.0.5:5000/lcentos /bin/bash
15b9f42b3d63846085664139bff0c041f614bc2b717787686d23785d98b37160
[iyunv@centos7 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
15b9f42b3d63 10.0.0.5:5000/lcentos "/bin/bash" 16 seconds ago Up 13 seconds 0.0.0.0:80->80/tcp abccentos
[iyunv@centos7 ~]#

7、进入容器查看，可以看到centos的版本等信息

1
2
3
4
5
6
7
8

[iyunv@centos7 ~]# docker attach 15b9f42b3d63
[iyunv@15b9f42b3d63 /]# cat /etc/redhat-release
CentOS Linux release 7.3.1611 (Core)
[iyunv@15b9f42b3d63 /]# uname -r
3.10.0-327.el7.x86_64
[iyunv@15b9f42b3d63 /]# uname -a
Linux 15b9f42b3d63 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
[iyunv@15b9f42b3d63 /]#

以上就是整个创建私有镜像库的过程，欢迎一起交流学习。

账号		自动登录	找回密码
密码			立即注册

VMware vcenter+vSphere 6.5 U2共享

【跟谁学】韩宇极简英语课-技术人员不得不

用Zabbix通过JMX方式监控weblogic

winhex数据恢复教程（非常巨大，内容丰富）

Symantec Backup Exec 2015 2016/2012 BE20

NetScaler VPX部署之：NetScaler Gateway调

zabbix3.4.1安装部署+微信推送信息+大屏显

[经验分享] centos7.2定制属于自己的docker私有库

扫码加入运维网微信交流群