How to setup a private docker registry On CentOS7

来自koorka知识分享
跳到导航 跳到搜索

使用docker-distribution

安装软件

yum install docker-distribution

编辑配置文件 /etc/docker-distribution/registry/config.yml

version: 0.1
log:
  fields:
    service: registry
storage:
    cache:
        layerinfo: inmemory
    filesystem:
        rootdirectory: /opt/data/docker/registry
http:
    addr: :5000

启动服务器:

systemctl enable docker-distribution.service
systemctl start docker-distribution.service
systemctl status docker-distribution.service -l

配置nginx:

upstream docker-registry {
    server 127.0.0.1:5000;
}

# Set a variable to help us decide if we need to add the
# 'Docker-Distribution-Api-Version' header.
# The registry always sets this header.
# In the case of nginx performing auth, the header will be unset
# since nginx is auth-ing before proxying.
map $upstream_http_docker_distribution_api_version $docker_distribution_api_version {
    '' 'registry/2.0';
 }

server {
    server_name docker-registry.koorka.com;
    client_max_body_size 0;
    chunked_transfer_encoding on;
    location /v2/ {
      # To add basic authentication to v2 use auth_basic setting.
      # auth_basic "Registry realm";
      # auth_basic_user_file /etc/nginx/conf.d/nginx.htpasswd;

      ## If $docker_distribution_api_version is empty, the header will not be added.
      ## See the map directive above where this variable is defined.
      add_header 'Docker-Distribution-Api-Version' $docker_distribution_api_version always;

      proxy_pass                          http://docker-registry;
      proxy_set_header  Host              $http_host;   # required for docker client's sake
      proxy_set_header  X-Real-IP         $remote_addr; # pass on real client's IP
      proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;
      proxy_set_header  X-Forwarded-Proto $scheme;
      proxy_read_timeout                  900;

    }
}

vim /etc/docker/daemon.json

{ "insecure-registries":["docker-registry.koorka.com"] }

systemctl restart docker.service

execute docker images will get the images:

REPOSITORY                               TAG                 IMAGE ID            CREATED             SIZE

koorka/centos-sshd                       7.3                 753adbbbec77        3 hours ago         464.1 MB

tag a image to our private registry:

docker tag <imageID> docker-registry.koorka.com/koorka/centos-sshd:7.3

with the 753adbbbec77  instead the <imageID>

push the image to registry:

docker push test4.yfq.com:5000/koorka/centosh-sshd:7.3

Reference: https://docs.docker.com/registry/recipes/nginx/

使用nexus repository manager3搭建私有Docker库

1、在nexus服务器端创建 docker hosted仓库,勾选http连接并将端口设置为5000, 重启nexus服务。

2、在Docker端设置 额外的 服务器,Linux系统为 /etc/docker/daemon.json,

  "insecure-registries": [
    "192.168.18.242:5000"
  ]

3、登录到docker仓库

docker login http://192.168.18.242:5000/

4、给本地的image打tag

docker tag myapp 192.168.75.131:5000/koorka/myapp:v0.0.1

5、推送本地image到服务器:

docker push 192.168.18.242:5000/koorka/myapp:v0.0.1

6、退出登录

docker logout http://192.168.18.242:5000

如何清理Nexus的磁盘空间

步骤:

1、创建磁盘清理策略(Cleanup Policies):http://192.168.1.135:8081/#admin/repository/cleanuppolicies

2、执行名称为“Cleanup service”的任务:http://192.168.1.135:8081/#admin/system/tasks

3、创建一个类型为“Admin - Compact blob store”的任务(名称自己定义),然后执行该任务进行磁盘清理即可。(说明:步骤2中的清理任务只是将文件标记为"删除",只有执行步骤3后才会从磁盘上删除)。