docker三种仓库的基础管理

一、docker hub官方镜像推送和拉取示例

1.到docker hub官方注册账号

https://hub.docker.com/

2.登录官方

docker login -u 用户名
[root@elk92 ~]# docker login -u dezyan
Password:

3.在docker hub的webUI创建仓库


4.推送本地镜像至官方

[root@elk92 ~]# docker tag gametest:v1.0  dezyan/gametest
[root@elk92 ~]# docker push dezyan/gametest:busybox

5.webUI查看

6.本地拉取上传到官方的镜像

[root@elk92 ~]# docker pull dezyan/gametest:gametest

7.退出登录

[root@elk92 ~]# docker logout

二、阿里云第三方镜像仓库管理

1.新建仓库

访问阿里云: https://www.aliyun.com/

在首页-产品-搜索-容器-容器镜像服务-管理控制台-创建实例

2.创建命名空间、镜像仓库

配置名称、是否公开等信息

3.命令行登录阿里云账号

[root@elk91 ~]# docker login --username=Dezyan crpi-vdztp5takbojsq12.cn-beijing.personal.cr.aliyuncs.com
Password:

4.推送镜像到阿里云

$ docker login --username=Dezyan crpi-vdztp5takbojsq12.cn-beijing.personal.cr.aliyuncs.com
$ docker tag [ImageId] crpi-vdztp5takbojsq12.cn-beijing.personal.cr.aliyuncs.com/dezyan/test:[镜像版本号]
$ docker push crpi-vdztp5takbojsq12.cn-beijing.personal.cr.aliyuncs.com/dezyan/test:[镜像版本号]

5.从阿里云拉取镜像

$ docker pull crpi-vdztp5takbojsq12.cn-beijing.personal.cr.aliyuncs.com/dezyan/test:[镜像版本号]

6.删除阿里云镜像

选定仓库,在镜像版本中删除即可

7.退出登录

[root@elk91 ~]# docker logout crpi-vdztp5takbojsq12.cn-beijing.personal.cr.aliyuncs.com

三、harbor私有仓库搭建与管理

1.下载、解压

[root@elk93 ~]# wget https://github.com/goharbor/harbor/releases/download/v2.12.2/harbor-offline-installer-v2.12.2.tgz

[root@elk93 ~]#  tar xf harbor-offline-installer-v2.12.2.tgz  -C /usr/local/

2.编辑配置文件

[root@elk93 ~]# cp /usr/local/harbor/harbor.yml{.tmpl,}
[root@elk93 ~]# vim /usr/local/harbor/harbor.yml
...
#更改主机
hostname: 10.0.0.93
...
#禁用https功能
## https related config                               
#https:
#  # https port for harbor, default is 443
#  port: 443
#  # The path of cert and key files for nginx
#  certificate: /your/certificate/path
#  private_key: /your/private/key/path
#  # enable strong ssl ciphers (default: false)
#  # strong_ssl_ciphers: false

...
#设置harbor登录密码
harbor_admin_password: 1   
...
#设置harbor数据存储路径
data_volume: /oldboyedu/data/harbor       
...

3.安装harbor

[root@elk93 ~]# /usr/local/harbor/install.sh

4.访问harbor的webUI

http://10.0.0.93/harbor/projects

用户名admin

密码1

5.新建项目test

6.推送本地镜像到harbor仓库

[root@elk92 ~]# cat /etc/docker/daemon.json 
{
  "insecure-registries": ["10.0.0.92:5000","10.0.0.93"]
}
[root@elk92 ~]# 
[root@elk92 ~]# systemctl restart docker.service 
[root@elk92 ~]#
[root@elk92 ~]# docker info  | grep "Insecure Registries" -A 2
 Insecure Registries:
  10.0.0.92:5000
  10.0.0.93

#给本地镜像打标签
root@ding:~# docker tag dezyangame:v3.1 10.0.0.94/test/dezyangame:v10.0

#也可使用docker login -u admin -p 1 10.0.0.93不采用交互
root@ding:~# docker login 10.0.0.94
admin
1
如果不使用交互容易泄露密码
[root@elk92 ~]# cat /root/.docker/config.json;echo
{
	"auths": {
		"10.0.0.93": {
			"auth": "YWRtaW46MQ=="
		}
	}
}
echo YWRtaW46MQ== | base64 -d ;echo

#推送本地镜像
docker push 10.0.0.94/test/dezyangame:v10.0

注意此处打的标签名要与服务器以及harbor创建的项目名完全一致,否则会推送失败

即:/服务器IP/harbor项目名/本地镜像信息

7.推送完成后一定要退出

root@ding:~# docker logout 10.0.0.93
Removing login credentials for 10.0.0.93

8.从harbor拉取镜像

[root@elk91 ~]# cat /etc/docker/daemon.json 
{
"insecure-registries": ["10.0.0.92:5000","10.0.0.93"]
}
[root@elk91 ~]# 
[root@elk91 ~]# systemctl restart docker.service 

root@elk91:~# docker login 10.0.0.94
Username: admin
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded

[root@elk91 ~]# docker pull 10.0.0.94/test/dezyangame:v10.0

9.移除镜像

posted @ 2025-03-25 21:51  丁志岩  阅读(50)  评论(0)    收藏  举报