Of Stack

Detail the easiest way to set up an Docker private warehouse

  • 2020-06-07 05:42:43
  • OfStack

Doker is more and more widely used in the industry, so it is an urgent task for users to manage their images and containers well.

Due to business needs, we need to build 1 set their own Docker private mirror warehouse, online to find a lot of, one is said to pull regisitry image, and then through the mirror to start a container to run the warehouse application, I had one according to the website instructions pull registry, there is an error, but the start-up time and exactly what is not in detail, anyway, there is a mistake, then began to study other way, don't really find one, but I found that the easiest way to I don't know if I found the domestic first, But I should be the first one to write it down for your reference.

The following is not nonsense, direct method:

First of all, your system should be above CentOS 7.0 because of the requirements of the kernel and the various related libraries and software requirements, as well as the requirements of epel. Install es14EN-ES15en directly. Change the configuration a little to make your private repository http, because from docker1.3.2 on, docker registry will default to https instead of http, whether you look for the image you want on docker hub or you type private registry. Restart the associated docker service. Test and use.

The following is a detailed list of the steps in each step:

Use the CentOS 7.ES31en system, add the epel source, update the system to the latest version, and restart the new kernel to take effect. 


#wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
#yum clean all
#yum makecache
#yum update -y
#reboot

Install docker related services, of which ES38en-ES39en is the most important, because this is the private warehouse service. With this service, there is no need to go to the pull image as on the Internet and then have another container. 


#yum install docker docker-registry -y

If you don't need to develop the relevant interface caller, these two should suffice, and if you do, install all of the docker packages directly. However, it is best to uninstall docker-ES47en and ES48en-ES49en-ES50en as they are docker clients and version 1.12 does not match server version 1.10. 


#yum install docker* -y
#yum remove docker-latest* -y

Set both of docker's services to start automatically and let them run. 


#systemctl enable docker
#systemctl start docker
#systemctl enable docker-registry
#systemctl start docker-registry

Check 1 for the native listening port. Is there a port of 5000? Port 5000 is the default listening port for docker-ES63en, of course, you can change this as you like. 


[root@01 /]# netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address   Foreign Address   State  PID/Program name
tcp  0  0 0.0.0.0:22    0.0.0.0:*    LISTEN  1109/sshd
tcp  0  0 127.0.0.1:25   0.0.0.0:*    LISTEN  1384/master
tcp  0  0 0.0.0.0:5000   0.0.0.0:*    LISTEN  20437/python
tcp6  0  0 :::22     :::*     LISTEN  1109/sshd
tcp6  0  0 ::1:25     :::*     LISTEN  1384/master

Is it possible to access through the network under test 1? 


[root@01 /]# curl "http://192.168.1.107:5000"
"\\"docker-registry server\\""[root@01 /]#
[root@01 /]#

Now that you have access, test 1 on the push 1 image above. This requires you to mirror tag 1 first before push can go up. Take my current mirror image. 


[root@01 /]# docker tag cfba59e097ba 192.168.1.107:5000/test1
[root@01 /]# docker images
REPOSITORY     TAG     IMAGE ID   CREATED    SIZE
192.168.1.107:5000/test1 latest    ac0b483c17fa  3 days ago   634.6 MB
docker.io/redmine   latest    cfba59e097ba  3 days ago   634.6 MB
docker.io/registry   latest    c9bd19d022f6  2 weeks ago   33.27 MB
[root@01 /]#

Now there is an error in the words of push, as follows. 


[root@01 /]# docker pull 192.168.1.107:5000/test1
Using default tag: latest
Trying to pull repository 192.168.1.107:5000/test1 ...
unable to ping registry endpoint https://192.168.1.107:5000/v0/
v2 ping attempt failed with error: Get https://192.168.1.107:5000/v2/: EOF
 v1 ping attempt failed with error: Get https://192.168.1.107:5000/v1/_ping: EOF
[root@01 /]#

But basically one eye can see that the address is full of https, and now I can only access http, so I need to solve the problem of enabling http, because my need is to build in the inner network, the outside network can't access, why need to encrypt, will only slow down the speed. The next step is to modify the corresponding configuration file to enable http. This configuration file also says this and that, and the following is the correct configuration file. 


[root@01 /]# vim /etc/sysconfig/docker

Add the following line. 


OPTIONS='--insecure-registry 192.168.1.107:5000'

Restart the docker service. 


#yum install docker docker-registry -y
0

push again, completed successfully. 


#yum install docker docker-registry -y
1

Now that it is successful, go to pull 1 to see if you can use it with another machine. The result is also successful, because I have already passed pull, so the image already exists, as follows. 


#yum install docker docker-registry -y
2

At this point, the simple private warehouse has been set up. If there is a need to provide services on the public network in the future, SSL certificate, user name/password and other operations are completed step by step. IT technology is updated very quickly, and it may not have been available before, but only recently. Therefore, it takes a lifetime of continuous learning and improvement to stand on the bridge.

Related articles: