Shulou(Shulou.com)06/02 Report--

1. Registry Foundation 1, registry category Sponsor Registry: third-party registry for users and communities to use Mirror Registry: third-party registry for users to use Vendor Registry: registryPrivate Registry officially provided by Docker: private registry

[if the environment is Aliyun, then using Aliyun's registry is the best choice] 2. There are three methods of self-built registry: local installation and configuration registry method 2: use the official registry image method 3: use Harbor to make registry2, configure local registry

Install the registry component on the 140node and then push the mirror on the 130node to the first step: install the registry component on the 140node [in the extra source]

1) install components

[root@host2 ~] # yum install docker-registry-y

2) check the configuration file of resitory

[root@host2 ~] # vim / etc/docker-distribution/registry/config.yml

[the contents generally need not be changed]

Version: 0.1log:fields:service: registrystorage:cache: layerinfo: inmemoryfilesystem: rootdirectory: / var/lib/registryhttp:addr:: 5000

3) start the service

[root@host2 ~] # systemctl start docker-distribution [root@host2 ~] # ss-tnl | grep 5000LISTEN 0128 [:]: 5000 [::]: * second step: create an image on the 130th node and upload it to registry

1) modify the hosts file to achieve name resolution

[root@host1 ~] # echo "172.16.100.3 host2" > > / etc/hosts [root@host1 ~] # ping host2

2) tag an existing image

First, find a random mirror image.

[root@host1 ~] # docker image ls | head-n2REPOSITORY TAG IMAGE ID base v1.1 ca1046667ac3

Label the image

[root@host1 ~] # docker tag base:v1.1 host2:5000/baseimg:v1-0

3) Edit docker configuration file

Although the image has been made at this time, it cannot be pushed, because docker uses https protocol by default, while our registry uses http protocol.

[root@host1 ~] # vim / etc/docker/daemon.json {"registry-mirrors": ["https://registry.docker-cn.com"," https://mzxx8xy8.mirror.aliyuncs.com"],"hosts": ["tcp://0.0.0.0:3725", "unix://var/run/docker.sock"], "insecure-registries": ["host2:5000"]}

Restart the service

[root@host1 ~] # systemctl daemon-reload [root@host1 ~] # systemctl restart docker

4) push image

[root@host1 ~] # docker push host2:5000/baseimg:v1-0

The pushed image will be saved in a specific directory of the service.

[root@host2 ~] # ls / var/lib/registry/docker/registry/v2/repositories/baseimg step 3: download the image at the 150th node

1) modify the docker configuration file to run the insecure json

Same as: step 2

2) download the image

[root@host2] # docker pull host2:5000/baseimg:v1-0 III. Use the official registry

Officially released a registry through the image, as long as you start the container

Step 1: pull the image and start it to make registry

1) download the image

[root@host1 ~] # docker pull registry

2) step 2: create a directory

[root@host1 ~] # mkdir-p / opt/ {auth,data} [root@host1 ~] # ls / opt/auth data

3) step 3: create an authentication file

[root@host1 ~] # docker run-- entrypoint\ > htpasswd registry-Bbn zxhk 123 > / opt/auth/htpasswd [root@host1 ~] # echo "0" > / proc/sys/net/ipv4/ip_forward

4) step 4: create a container

[root@host1] # docker run-d-p 6000 name registry1 5000\ >-- restart=always-- name registry1\ >-v / opt/auth:/auth-v / opt/data:/tmp/registry\ >-e "REGISTRY_AUTH=htpasswd"\ > e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm"\ >-e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd"\ > registry step 2: use this registry on other nodes

1) modify the docker configuration file to allow unsafe json

[root@host2 ~] # vim / etc/docker/daemon.json {"registry-mirrors": ["https://registry.docker-cn.com"," https://mzxx8xy8.mirror.aliyuncs.com"],"hosts": ["tcp://0.0.0.0:3725", "unix://var/run/docker.sock"], "insecure-registries": ["172.16.100.3PV6000"]}

2) tag the image

[root@host1 ~] # docker tag nginx:1.17-alpine 172.16.100.3:6000/nginx:v1-1

3) Log in to registry

[root@host1 ~] # docker login http://172.16.100.3:6000

4) push image

[root@host1 ~] # docker push 172.16.100.3:6000/nginx:v1-1

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.