自建docker仓库

一、仓库安装

1、系统：CentOS7.9，采用yum安装方式

[root@master ~]# yum install docker-distribution -y
... ...
[root@master ~]# rpm -ql docker-distribution
/etc/docker-distribution/registry/config.yml
/usr/bin/registry
/usr/lib/systemd/system/docker-distribution.service
/usr/share/doc/docker-distribution-2.6.2
/usr/share/doc/docker-distribution-2.6.2/AUTHORS
/usr/share/doc/docker-distribution-2.6.2/CONTRIBUTING.md
/usr/share/doc/docker-distribution-2.6.2/LICENSE
/usr/share/doc/docker-distribution-2.6.2/MAINTAINERS
/usr/share/doc/docker-distribution-2.6.2/README.md
/var/lib/registry
[root@master ~]# systemctl start docker-distribution.service
[root@master ~]# systemctl enable docker-distribution.service

2、配置文件解读

vim /etc/docker-distribution/registry/config.yml

version: 0.1
log:
  fields:
    service: registry
storage:
    cache:
        layerinfo: inmemory
    filesystem:
        rootdirectory: /data/registry    # 定义仓库镜像存储路径
http:
    addr: 127.0.0.1:5000    # 定义监听端口

监听5000端口

3、nginx配置

upstream registry {
       server 127.0.0.1:5000;
}

server {
        listen       80;
        server_name  www.hello-word.vip hello-word.vip;

        location / {
            proxy_set_header Host $host;
	    proxy_pass http://registry;
        }

        access_log  logs/access.log  main;
        error_log   logs/error.log;
}

二、使用自建仓库

注意：以下操作均在树莓派4b上操作的，所以打出来的镜像只能用在arm64架构下；想在amd64架构下运行，需要将Dockerfile文件以及python文件复制到amd64架构的机器下打包；

1、准备Dockerfile文件和测试Python文件

Dockerfile

FROM alpine:3.9.5
RUN apk update && apk add --no-cache python3 net-tools
COPY ["app.py","/tmp"]

ENV HOST="localhost"
ENV PORT="80"

CMD python3 /tmp/app.py $HOST $PORT

测试Python文件

#!/usr/bin/env python3
#conding: utf-8
from http.server import HTTPServer, BaseHTTPRequestHandler
import json
import sys
import socket

def hostname():
    return socket.gethostname()

def ipa():
    return socket.gethostbyname(hostname())

data = {hostname(): ipa()}

def httpserver(ipadd='127.0.0.1',sport=8888):
    host = (ipadd, sport)
    server = HTTPServer(host, Resquest)
    server.serve_forever()

class Resquest(BaseHTTPRequestHandler):
    def do_GET(self):
        self.send_response(200)
        self.send_header('Content-type', 'application/json')
        self.end_headers()
        self.wfile.write(json.dumps(data).encode())

if len(sys.argv) == 1:
    httpserver()
elif len(sys.argv) == 3:
    httpserver(sys.argv[1],eval(sys.argv[2]))

2、构建镜像

root@raspberrypi:~/dockerfile/alpine # docker build -t alpine:arm-v0.1 ./
Sending build context to Docker daemon  3.584kB
Step 1/6 : FROM alpine:3.9.5
3.9.5: Pulling from library/alpine
eb93038481dd: Pull complete
Digest: sha256:115731bab0862031b44766733890091c17924f9b7781b79997f5f163be262178
Status: Downloaded newer image for alpine:3.9.5
... ...
Successfully built 30068fd6c4af
Successfully tagged alpine:arm-v0.1
root@raspberrypi:~/dockerfile/alpine # docker images
REPOSITORY                                                        TAG            IMAGE ID       CREATED              SIZE
alpine                                                            arm-v0.1       30068fd6c4af   About a minute ago   59.2MB

3、为镜像打tag

root@raspberrypi:~/dockerfile/alpine # docker tag alpine:arm-v0.1 hello-word.vip/alpine:arm64-v0.1
root@raspberrypi:~/dockerfile/alpine # docker images
REPOSITORY            TAG        IMAGE ID     CREATED       SIZE
alpine                arm-v0.1   30068fd6c4af 4 minutes ago 59.2MB
hello-word.vip/alpine arm64-v0.1 30068fd6c4af 4 minutes ago 59.2MB

4、修改docker的daemon.json配置文件

        因为docker私有仓库服务默认是基于https传输的，而我的自建仓库是http的，所以需要配置不使用https传输；配置路径：/etc/docker/daemon.json

{
"exec-opts": ["native.cgroupdriver=systemd"],
"registry-mirrors": [
        "https://docker.mirrors.ustc.edu.cn",
        "https://registry.docker-cn.com",
        "http://hub-mirror.c.163.com",
        "https://mirror.ccs.tencentyun.com"
    ],
"insecure-registries": ["http://hello-word.vip"]

}

        配置完daemon.json文件之后，需要重启docker服务，使配置文件生效；

5、上传镜像到私有仓库

root@raspberrypi:~/dockerfile/alpine # docker push hello-word.vip/alpine:arm64-v0.1
The push refers to repository [hello-word.vip/alpine]
b0782aba8029: Pushed
5f6ff48124a4: Pushed
a73aeeee9177: Pushed
arm64-v0.1: digest: sha256:7de8ac1fb179c539e3c130d2c03196835af3a2eee51aa59ed75629c31a5d5d17 size: 947

三、自建仓库的常用操作

1、获取仓库镜像列表

root@pinode1:~ # curl -s http://hello-word.vip/v2/_catalog | jq
{
  "repositories": [
    "alpine",
    "centos7/daemonapp",
    "nginxdemos/hello",
    "python-demo"
  ]
}

2、获取镜像的tag列表

root@pinode1:~ # curl -s http://hello-word.vip/v2/alpine/tags/list | jq
{
  "name": "alpine",
  "tags": [
    "arm64-v0.1"
  ]
}

四、验证

1、下载镜像

root@raspberrypi:/home/pi/k8s # docker pull hello-word.vip/alpine:arm64-v0.1
arm64-v0.1: Pulling from alpine
eb93038481dd: Already exists
1b4529d08552: Pull complete
43b89475a0ed: Pull complete
Digest: sha256:7de8ac1fb179c539e3c130d2c03196835af3a2eee51aa59ed75629c31a5d5d17
Status: Downloaded newer image for hello-word.vip/alpine:arm64-v0.1
hello-word.vip/alpine:arm64-v0.1
root@raspberrypi:/home/pi/k8s # docker images
REPOSITORY                                                        TAG          IMAGE ID       CREATED         SIZE
hello-word.vip/alpine                                             arm64-v0.1   30068fd6c4af   3 hours ago     59.2MB

2、运行镜像测试

root@raspberrypi:/home/pi/k8s # docker run --rm --env HOST=0.0.0.0 --env PORT=8085 -p 8888:8085 hello-word.vip/alpine:arm64-v0.1

开启另一个终端，访问宿主机的8888端口，返回了镜像的hostname以及ip地址；测试成功

root@raspberrypi:~ # ss -ntl
State              Recv-Q              Send-Q                           Local Address:Port                            Peer Address:Port             Process
LISTEN             0                   128                                    0.0.0.0:22                                   0.0.0.0:*
LISTEN             0                   4096                                   0.0.0.0:8888                                 0.0.0.0:*
... ...
root@raspberrypi:~ # curl 127.0.0.1:8888
{"8957ed456846": "172.17.0.2"}