一、环境
1.Docker Registry服务器
[root@ea9189 registry]#cat etc/oracle-release
Oracle Linux Server release 7.3
[root@ea9189 registry]#uname -a
Linux ea9189 4.1.12-94.2.1.el7uek.x86_64 #2 SMP Wed Apr 26 15:32:38 PDT 2017 x86_64 x86_64 x86_64 GNU/Linux
IP地址:129.191.26.216
Docker版本:
[root@ea9189 registry]#docker version
Client:
Version: 1.12.6
API version: 1.24
Go version: go1.6.4
Git commit: ac13b2b
Built: Wed Mar 22 02:52:47 2017
OS/Arch: linux/amd64
Server:
Version: 1.12.6
API version: 1.24
Go version: go1.6.4
Git commit: ac13b2b
Built: Wed Mar 22 02:52:47 2017
OS/Arch: linux/amd64
2.Docker客户端
[root@eeea9d opc]# cat etc/oracle-release
Oracle Linux Server release 6.9
[root@eeea9d opc]# uname -a
Linux eeea9d 4.1.12-94.2.1.el6uek.x86_64 #2 SMP Wed Apr 26 15:32:52 PDT 2017 x86_64 x86_64 x86_64 GNU/Linux
IP地址:129.191.26.138
Docker版本:
[root@eeea9d opc]# docker version
Client:
Version: 1.12.6
API version: 1.24
Go version: go1.6.4
Git commit: 1512168
Built: Wed Jan 11 09:49:56 2017
OS/Arch: linux/amd64
Server:
Version: 1.12.6
API version: 1.24
Go version: go1.6.4
Git commit: 1512168
Built: Wed Jan 11 09:49:56 2017
OS/Arch: linux/amd64
二、搭建Docker Registry
在Registry服务器(129.191.26.216)上先下载registry镜像。
注意两个文件系统:
/var/lib/docker是docker engine的安装目录,存放本地的docker镜像和容器,文件系统类型为btrfs。
/software是计划存放registry镜像的目录,在本例中使用的是NFS,该文件系统是原本是Oracle云上的标准对象存储,通过Oracle云存储网关(OSCSA : Oracle Storage Cloud Software Appliance)将标准对象存储转换成普通文件系统,然后在服务器上将该文件系统以NFS的方式挂载到本地。本公众号有专门的文章,介绍如何采用OSCSA,将Oracle存储云服务中的标准对象存储转换成NFS文件系统。
[root@ea9189 registry]#df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 7.4G 0 7.4G 0% /dev
tmpfs 7.4G 0 7.4G 0% /dev/shm
tmpfs 7.4G 25M 7.4G 1% /run
tmpfs 7.4G 0 7.4G 0% /sys/fs/cgroup
/dev/mapper/vg_main-lv_root 6.0G 2.0G 4.1G 33% /
/dev/xvdb1 497M 156M 342M 32% /boot
/dev/xvdc 50G 736M 50G 2% /var/lib/docker
129.191.26.212:/software 8.0T 4.0T 4.0T 50% /software
tmpfs 1.5G 0 1.5G 0% /run/user/1000
查看本地已有镜像:
[root@ea9189 registry]#docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
wordpress latest ca96afcfa242 40 hours ago 405.7 MB
mysql latest e799c7f9ae9c 9 days ago 407.3 MB
从docker hub上下载registry镜像
[root@ea9189 registry]#docker pull registry:2
2: Pulling from library/registry
79650cf9cc01: Pull complete
70ce42745103: Pull complete
77edd1a7fa4d: Pull complete
432773976ace: Pull complete
3234a47fe5a9: Pull complete
Digest: sha256:a3551c422521617e86927c3ff57e05edf086f1648f4d8524633216ca363d06c2
Status: Downloaded newer image for registry:2
[root@ea9189 registry]#docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
wordpress latest ca96afcfa242 40 hours ago 405.7 MB
registry 2 9d0c4eabab4d 8 days ago 33.17 MB
mysql latest e799c7f9ae9c 9 days ago 407.3 MB
启动registry,注意要将容器中存放镜像的目录映射到本地指定目录中,确保即便registry容器被删除时,registry中的镜像不会随之删除。
docker run -d -p 5000:5000 -v /software/docker/registry:/var/lib/registry --restart=always --name registry registry:2
[root@ea9189 registry]#docker run -d -p 5000:5000 -v /software/docker/registry:/var/lib/registry --restart=always --name registry registry:2
34888c559566940b405e38d203affd5379fe27ad2cf57d72cd7bc68dbb982d03
[root@ea9189 registry]#docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
34888c559566 registry:2 "/entrypoint.sh /etc/" 7 seconds ago Up 5 seconds 0.0.0.0:5000->5000/tcp registry
三、从Docker Registry中上传和下载镜像
在docker客户端(129.191.26.138)中编辑镜像,并上传到Docker Registry中。
本地已有镜像:
[root@eeea9d opc]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql/mysql-server latest a9c01500e807 8 days ago 214.9 MB
sath89/oracle-12c latest ad95eb516624 7 weeks ago 5.692 GB
cheneyyu8282/helloworld latest cd053ab20859 12 months ago 249.1 MB
先将本地的镜像cheneyyu8282/helloworld 打上tag,再上传到Docker Registry上,主要新的tag上要将Docker registry服务器的IP和端口加上去。
[root@eeea9d opc]# docker tag cheneyyu8282/helloworld 129.191.26.216:5000/yc/helloworld
[root@eeea9d opc]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql/mysql-server latest a9c01500e807 8 days ago 214.9 MB
sath89/oracle-12c latest ad95eb516624 7 weeks ago 5.692 GB
129.191.26.216:5000/yc/helloworld latest cd053ab20859 12 months ago 249.1 MB
cheneyyu8282/helloworld latest cd053ab20859 12 months ago 249.1 MB
上传到Docker registry上
[root@eeea9d opc]# docker push 129.191.26.216:5000/yc/helloworld
The push refers to a repository [129.191.26.216:5000/yc/helloworld]
Get https://129.191.26.216:5000/v1/_ping: http: server gave HTTP response to HTTPS client
以上信息提示表明,该registry类型为insecure registry,需要在本地docker daemon中加入insecure-registries启动参数。
通过以下命令在docker daemon中添加insecure-registries选项
echo '{ "insecure-registries":["129.191.26.216:5000"] }' > /etc/docker/daemon.json
[root@eeea9d opc]# echo '{ "insecure-registries":["129.191.26.216:5000"] }' > /etc/docker/daemon.json
[root@eeea9d opc]# cat /etc/docker/daemon.json
{ "insecure-registries":["129.191.26.216:5000"] }
重启docker daemon,然后重新上传镜像。
[root@eeea9d opc]# service docker restart
Stopping docker: [ OK ]
Starting docker: . [ OK ]
[root@eeea9d opc]# docker push 129.191.26.216:5000/yc/helloworld
The push refers to a repository [129.191.26.216:5000/yc/helloworld]
80d0cb488450: Pushed
d2c2ae43612c: Pushed
9c5327895952: Pushed
b9e672dabbd1: Pushed
1d2d6e99423c: Pushed
fbbce9d88e65: Pushed
4abb805eca94: Pushed
8d5e844ee251: Pushed
5f70bf18a086: Pushed
a3b5c80a4eba: Pushed
7f18b442972b: Pushed
3ce512daaf78: Pushed
7aae4540b42d: Pushed
latest: digest: sha256:3abe255db5af39c7a1d4524c506ded2ef0bd723a8a2be5da6545a9c3ad85f68e size: 3028
上传成功!
测试从docker registry上下载镜像。
由于本次测试只有两台服务器(Oracle Compute Cloud Service上的两个实例),没有第三台服务器,所以就在docker registry服务器上,测试将registry上刚刚上传的镜像,下载到本地。
登录Docker registry服务器(129.191.26.216),从registry上下载镜像到本地。
[root@ea9189 docker]# docker pull 129.191.26.216:5000/yc/helloworld
Using default tag: latest
Error response from daemon: Get https://129.191.26.216:5000/v1/_ping: http: server gave HTTP response to HTTPS client
遇到与上传镜像时相同的问题,需要在本地docker daemon中加入insecure registry的启动参数
[root@eeea9d opc]# echo '{ "insecure-registries":["129.191.26.216:5000"] }' > /etc/docker/daemon.json
[root@eeea9d opc]# cat /etc/docker/daemon.json
{ "insecure-registries":["129.191.26.216:5000"] }
[root@eeea9d opc]# service docker restart
Stopping docker: [ OK ]
Starting docker: . [ OK ]
[root@eeea9d opc]# docker push 129.191.26.216:5000/yc/helloworld
The push refers to a repository [129.191.26.216:5000/yc/helloworld]
80d0cb488450: Pushed
d2c2ae43612c: Pushed
9c5327895952: Pushed
b9e672dabbd1: Pushed
1d2d6e99423c: Pushed
fbbce9d88e65: Pushed
4abb805eca94: Pushed
8d5e844ee251: Pushed
5f70bf18a086: Pushed
a3b5c80a4eba: Pushed
7f18b442972b: Pushed
3ce512daaf78: Pushed
7aae4540b42d: Pushed
latest: digest: sha256:3abe255db5af39c7a1d4524c506ded2ef0bd723a8a2be5da6545a9c3ad85f68e size: 3028
[root@eeea9d opc]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZE
mysql/mysql-server latest a9c01500e807 8 days ago 214.9 MB
sath89/oracle-12c latest ad95eb516624 7 weeks ago 5.692 GB
129.191.26.216:5000/yc/helloworld latest cd053ab20859 12 months ago 249.1 MB
cheneyyu8282/helloworld latest cd053ab20859 12 months ago 249.1 MB
四、管理Docker Registry
Docker Registry当前版本对镜像的管理功能较弱,只能通过REST API来查看registry中的repository和image情况
[root@ea9189 docker]# curl 129.191.26.216:5000/v2/_catalog
{"repositories":["yc/helloworld"]}
[root@ea9189 docker]# curl 129.191.26.216:5000/v2/yc/helloworld/tags/list
{"name":"yc/helloworld","tags":["latest"]}
到此,Docker Registry的基本部署已经完成,确实很简单,但是这仅仅只是搭建一个测试环境,如果要应用于生产,还需要更加深入的研究、完善。
