Docker 私有仓库用于在本地网络中存储、管理镜像,避免依赖公共仓库,提高安全性和传输效率。以下是相关概念、搭建步骤及注意事项:
核心概念
私有仓库(Private Registry) 基于 Docker 官方的 registry 镜像搭建的本地镜像仓库,用于存储私有镜像(如公司内部开发的应用镜像),仅允许授权用户访问。
1.拉取私有仓库
bash
[root@docker_dev docker-files]# docker pull registry2.启动私有仓库
bash
[root@docker_dev docker-files]# docker run -id --name=regitry -p 5000:5000 registry
00d0b73d3efbbdf3656fecec597c20f63383f788b330736f5722fd8322b6fc0d3.访问私有仓库
4.修改daem.json
信任自己搭建的私有仓库,将地址追加到配置的加速里面
bash
[root@docker_dev docker-files]# vim /etc/docker/daemon.json
[root@docker_dev docker-files]# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://docker.unsee.tech","https://mirror.ccs.tencentyun.com","https://docker.m.daocloud.io"],
"insecure-registries": ["192.168.198.155:5000"]
}
#重启docker服务生效
[root@docker_dev docker-files]# systemctl restart docker5.将镜像上传至私有仓库
镜像标签规范
- 推送 / 拉取时必须使用完整标签(含仓库地址),否则会默认操作 Docker 官方仓库。
bash
#标记为私有仓库的镜像
[root@docker_dev docker-files]# docker tag centos_feng:1 192.168.198.155:5000/centos_yum:1.0
#注意上一步将docker服务重启了,运行的容器会自动关闭,需要将registry这个容器重新启动
#上传镜像
[root@docker_dev docker-files]# docker push 192.168.198.155:5000/centos_yum:1.0
The push refers to repository [192.168.198.155:5000/centos_yum]
174f56854903: Pushed
1.0: digest: sha256:e167d9e35ab2525d1b4ce91925c6e6abb9e8306766e78090cbbb5cf55f1eb504 size: 5296.拉取私有镜像仓库的镜像
bash
[root@docker_dev docker-files]# docker pull 192.168.198.155:5000/centos_yum:1.0
1.0: Pulling from centos_yum
Digest: sha256:e167d9e35ab2525d1b4ce91925c6e6abb9e8306766e78090cbbb5cf55f1eb504
Status: Downloaded newer image for 192.168.198.155:5000/centos_yum:1.0
192.168.198.155:5000/centos_yum:1.0
[root@docker_dev docker-files]# docker images;
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.198.155:5000/centos_yum 1.0 09dfdbc14765 About an hour ago 204MB