registry是一個運行在docker中的registry鏡像的實例。 ## 運行registry容器 ~~~ docker run -d -p 5000:5000 --restart=always --name registry registry:2 ~~~ --restart=always 容器啟動時在動重啟 >[info]這種部署僅適用于測試環境，生產環境最好使用TLS協議和訪問控制。 ### 實例 ~~~ # 從Docker Hub拉取ubuntu:16.04 image docker pull ubuntu:16.04 # 打標簽，標簽第一部分是IP和端口 docker tag ubuntu:16.04 localhost:5000/my-ubuntu # 推送到本地registry docker push localhost:5000/my-ubuntu # 移除本地的緩存，這個并不會將鏡像從registry中移除 docker image remove ubuntu:16.04 docker image remove localhost:5000/my-ubuntu # 從本地registry中拉取指定鏡像 docker pull localhost:5000/my-ubuntu ~~~ ### 查看鏡像倉庫中的鏡像 ~~~ curl http://192.168.101.30:5000/v2/_catalog curl -XGET http://registry:5000/v1/search?q=鏡像名稱 ~~~ ## 停止registry容器 ~~~ docker stop registry # 移除數據 docker rm -v registry ~~~ ## 定制端口 ~~~ # 更改宿主機端口 docker run -d \ -p 5001:5000 \ --name registry-test \ registry:2 # 更改registry監聽端口， REGISTRY_HTTP_ADDR docker run -d \ -e REGISTRY_HTTP_ADDR=0.0.0.0:5001 \ -p 5001:5001 \ --name registry-test \ registry:2 ~~~ ## 本地存儲 鏡像文件默認存儲在容器/var/lib/registry目錄中 ~~~ docker run -d \ -p 5000:5000 \ --restart=always \ --name registry \ -v /mnt/registry:/var/lib/registry \ registry:2 ~~~ ## 使用compose file ~~~ cat docker-compose.yml registry: restart: always image: registry:2 ports: - 5000:5000 # environment: # REGISTRY_HTTP_TLS_CERTIFICATE: /certs/domain.crt # REGISTRY_HTTP_TLS_KEY: /certs/domain.key # REGISTRY_AUTH: htpasswd # REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd # REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm volumes: - /var/lob/registry:/var/lib/registry ~~~ ~~~ docker-compose up -d ~~~ ## 問題 ~~~ docker push 192.168.101.30:5000/myfirstimage The push refers to a repository [192.168.101.30:5000/myfirstimage] Get https://192.168.101.30:5000/v1/_ping: http: server gave HTTP response to HTTPS client ~~~ ### 默認使用https，需要改成不使用https ~~~ cat /etc/docker/daemon.json { "insecure-registries":["registry:5000"] } ~~~ ## 倉庫配置文件 ~~~ version: 0.1 log: fields: service: registry storage: cache: layerinfo: inmemory filesystem: rootdirectory: /var/lib/registry http: addr: :5000 ~~~