How to setup a private docker registry On CentOS7
使用docker-distribution
安装软件
yum install docker-distribution
编辑配置文件 /etc/docker-distribution/registry/config.yml
version: 0.1
log:
fields:
service: registry
storage:
cache:
layerinfo: inmemory
filesystem:
rootdirectory: /opt/data/docker/registry
http:
addr: :5000
启动服务器:
systemctl enable docker-distribution.service
systemctl start docker-distribution.service
systemctl status docker-distribution.service -l
配置nginx:
upstream docker-registry {
server 127.0.0.1:5000;
}
# Set a variable to help us decide if we need to add the
# 'Docker-Distribution-Api-Version' header.
# The registry always sets this header.
# In the case of nginx performing auth, the header will be unset
# since nginx is auth-ing before proxying.
map $upstream_http_docker_distribution_api_version $docker_distribution_api_version {
'' 'registry/2.0';
}
server {
server_name docker-registry.koorka.com;
client_max_body_size 0;
chunked_transfer_encoding on;
location /v2/ {
# To add basic authentication to v2 use auth_basic setting.
# auth_basic "Registry realm";
# auth_basic_user_file /etc/nginx/conf.d/nginx.htpasswd;
## If $docker_distribution_api_version is empty, the header will not be added.
## See the map directive above where this variable is defined.
add_header 'Docker-Distribution-Api-Version' $docker_distribution_api_version always;
proxy_pass http://docker-registry;
proxy_set_header Host $http_host; # required for docker client's sake
proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 900;
}
}
vim /etc/docker/daemon.json
{ "insecure-registries":["docker-registry.koorka.com"] }
systemctl restart docker.service
execute docker images will get the images:
REPOSITORY TAG IMAGE ID CREATED SIZE
koorka/centos-sshd 7.3 753adbbbec77 3 hours ago 464.1 MB
tag a image to our private registry:
docker tag <imageID> docker-registry.koorka.com/koorka/centos-sshd:7.3
with the 753adbbbec77 instead the <imageID>
push the image to registry:
docker push test4.yfq.com:5000/koorka/centosh-sshd:7.3
Reference: https://docs.docker.com/registry/recipes/nginx/
使用nexus repository manager3搭建私有Docker库
1、在nexus服务器端创建 docker hosted仓库,勾选http连接并将端口设置为5000, 重启nexus服务。
2、在Docker端设置 额外的 服务器,Linux系统为 /etc/docker/daemon.json,
"insecure-registries": [
"192.168.18.242:5000"
]
3、登录到docker仓库
docker login http://192.168.18.242:5000/
4、给本地的image打tag
docker tag myapp 192.168.75.131:5000/koorka/myapp:v0.0.1
5、推送本地image到服务器:
docker push 192.168.18.242:5000/koorka/myapp:v0.0.1
6、退出登录
docker logout http://192.168.18.242:5000
如何清理Nexus的磁盘空间
步骤:
1、创建磁盘清理策略(Cleanup Policies):http://192.168.1.135:8081/#admin/repository/cleanuppolicies
2、执行名称为“Cleanup service”的任务:http://192.168.1.135:8081/#admin/system/tasks
3、创建一个类型为“Admin - Compact blob store”的任务(名称自己定义),然后执行该任务进行磁盘清理即可。(说明:步骤2中的清理任务只是将文件标记为"删除",只有执行步骤3后才会从磁盘上删除)。