Docker笔记——搭建私有仓

时间:2024-10-09 17:34:51

Docker Hub当然是首选镜像仓,如果不想对所有人公开只想在局域网或公司内部使用,则有必要搭建私有仓来存储分发镜像。

搭建私有仓当然可以直接运行以下命令来创建个registry容器:

docker run -d -p : --restart=always --name registry registry:2

一条命令已经很简洁了,这里如果只是写这么一句话就实在太没必要了,所以本文介绍如何一步步编译出registry镜像。

registry官方路径:https://hub.docker.com/_/registry/

Docker registry镜像依赖关系是registry:latest -> alpine:3.4 -> scratch:latest

1 alpine镜像

Dockerfile路径:https://github.com/gliderlabs/docker-alpine/blob/8f23fc2e995ab8f7f0f5960c6a1ddd12f57efd0c/versions/library-3.4/Dockerfile

Docker Registry镜像依赖于alpine:3.4镜像,alpine镜像是一个基于Alpine Linux的一个Docker镜像,它拥有完整的包索引,它真的很小,编译出来只有4.803M。

2 scratch镜像
github 路径:https://github.com/fpco/haskell-scratch
alpine:3.4镜像依赖于scratch镜像,而scratch是一个包含了最少的共享库的Docker基础镜像,它不足5M。
关于scratch可以看这里的介绍https://www.fpcomplete.com/blog/2015/05/haskell-web-server-in-5mb
3 编译镜像
有了以上信息,就可以开始干活了:
3.1 从https://codeload.github.com/fpco/haskell-scratch/zip/master下载scratch,解压后进入haskell-scratch-master目录,执行make即可生成scratch镜像,如下:
# make

sha256:8cbba14eb7fe1eb44e53557028f622d3de6baf5b932e53b4522b7b525f3c42c3

sha256:659b6da402fd38431f58614b4c57fa6c6efec87702702446c8636628f434d246

# docker images

REPOSITORY                TAG                 IMAGE ID            CREATED             SIZE

haskell-scratch           integer-simple      659b6da402fd         seconds ago       3.811 MB

haskell-scratch           integer-gmp         8cbba14eb7fe         seconds ago       4.286 MB

执行成功后即可得到两个镜像,haskell-scratch:integer-simple和haskell-scratch:integer-gmp

为了使用方便,我们给scratch创建个tag,命令如下:

docker tag haskell-scratch:integer-gmp scratch

3.2 从https://codeload.github.com/gliderlabs/docker-alpine/zip/8f23fc2e995ab8f7f0f5960c6a1ddd12f57efd0c下载alpine,解压后进入docker-alpine-8f23fc2e995ab8f7f0f5960c6a1ddd12f57efd0c/versions/library-3.4目录执行build命令编译alpine镜像,命令如下:

docker build -t alpine:3.4 .

3.3 从https://codeload.github.com/docker/distribution-library-image/zip/3b4a84c1f152b60688e99d2efadf305479541482下载registry,解压后进入distribution-library-image-3b4a84c1f152b60688e99d2efadf305479541482目录,执行build命令编译registry镜像,命令如下:

docker build -t registry .

至此就有了自己一步步编译出来的registry镜像,那么创建个容器试试,命令如下:

# docker run -d -p : --restart=always --name registry registry
055d53fe984679128e2ab8404a4eb4087eb0eb1713368b048d030e8d65a8f56d

# docker ps -a

CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES

055d53fe9846        registry            "/entrypoint.sh /etc/"    minutes ago      Up  minutes       0.0.0.0:->/tcp   registry

3.4 push镜像至私有仓

首先,想要push镜像至私有仓,镜像名必须满足一定格式,格式为registry_host:port/image_name:tag

我们给hello-world:latest镜像创建个tag,命令如下:

# docker tag hello-world localhost:5000/hello-world

# docker images

REPOSITORY                   TAG                 IMAGE ID            CREATED             SIZE

hello-world                  latest              c54a2cc56cbb        12 weeks ago        1.848 kB
localhost:5000/hello-world   latest              c54a2cc56cbb        12 weeks ago        1.848 kB

然后docker push就可以将这个镜像提交到私有仓中了,如下:

docker push localhost:/hello-world

The push refers to a repository [localhost:/hello-world]

a02596fdd012: Pushed

latest: digest: sha256:a18ed77532f6d6781500db650194e0f9396ba5f05f8b50d4046b294ae5f83aa4 size:

接下来为了验证我们的私有仓可用,我将本地的hello-world镜像删除后来做验证,过程如下:

root@ *** :~# docker rmi localhost:/hello-world hello-world

Untagged: localhost:/hello-world:latest

Untagged: localhost:/hello-world@sha256:a18ed77532f6d6781500db650194e0f9396ba5f05f8b50d4046b294ae5f83aa4

Untagged: hello-world:latest

Untagged: hello-world@sha256:0256e8a36e2070f7bf2d0b0763dbabdd67798512411de4cdcf9431a1feb60fd9

Deleted: sha256:c54a2cc56cbb2f04003c1cd4507e118af7c0d340fe7e2720f70976c4b75237dc

Deleted: sha256:a02596fdd012f22b03af6ad7d11fa590c57507558357b079c3e8cebceb4262d7

root@ *** :~# docker run localhost:/hello-world

Unable to find image 'localhost:5000/hello-world:latest' locally

latest: Pulling from hello-world

c04b14da8d14: Pull complete

Digest: sha256:a18ed77532f6d6781500db650194e0f9396ba5f05f8b50d4046b294ae5f83aa4

Status: Downloaded newer image for localhost:/hello-world:latest

Hello from Docker!

This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:

 . The Docker client contacted the Docker daemon.

 . The Docker daemon pulled the "hello-world" image from the Docker Hub.

 . The Docker daemon created a new container from that image which runs the

    executable that produces the output you are currently reading.

 . The Docker daemon streamed that output to the Docker client, which sent it

    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:

 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker Hub account:

 https://hub.docker.com

For more examples and ideas, visit:

 https://docs.docker.com/engine/userguide/

至此,私有仓搭建成功。

相关文章