Focus On Oracle

Installing, Backup & Recovery, Performance Tuning,
Troubleshooting, Upgrading, Patching

Oracle Engineered System


当前位置: 首页 » 技术文章 » Cloud

Docker--How to setup and use local registry

时间: 2016-10-08 00:07:23  | 作者: ohsdba  | 
如非注明,本站文章皆为原创。欢迎转载,转载时请注明出处和作者信息。
官方的Docker hub是一个用于管理公共镜像的地方,我们可以在上面找到我们想要的镜像,也可以把我们自己的镜像推送上去。在实际工作中,我们更多用的是内网地址,我们可以通过建立本地的registry来解决这个问题。

创建文件系统用于registry 

[root@ovm ~]# mkfs.btrfs -L var-lib-registry /dev/sdb2
btrfs-progs v4.2.2
See http://btrfs.wiki.kernel.org for more information.

WARNING: The skinny-metadata mkfs default feature will work with the current kernel, but it is not compatible with older kernels supported on this OS. You can disable it with -O ^skinny-metadata option in mkfs.btrfs
WARNING: The extref mkfs default feature will work with the current kernel, but it is not compatible with older kernels supported on this OS. You can disable it with -O ^extref option in mkfs.btrfs
Label:              var-lib-registry
UUID:               9d9af263-9471-4be5-a069-82cda3af706c
Node size:          16384
Sector size:        4096
Filesystem size:    30.00GiB
Block group profiles:
  Data:             single            8.00MiB
  Metadata:         DUP               1.01GiB
  System:           DUP              12.00MiB
SSD detected:       no
Incompat features:  extref, skinny-metadata
Number of devices:  1
Devices:
   ID        SIZE  PATH
    1    30.00GiB  /dev/sdb2

挂载文件系统
[root@ovm ~]# blkid /dev/sdb2
/dev/sdb2: LABEL="var-lib-registry" UUID="9d9af263-9471-4be5-a069-82cda3af706c" UUID_SUB="28a8292a-024f-470a-9971-00581c3a069d" TYPE="btrfs"
[root@ovm ~]# echo "LABEL=var-lib-registry /var/lib/registry  btrfs  defaults  1 2" >> /etc/fstab
[root@ovm ~]# mkdir /var/lib/registry
[root@ovm ~]# mount -a
[root@ovm ~]# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/vg_ohs2-lv_root
                       36G  9.3G   25G  28% /
tmpfs                 3.9G   72K  3.9G   1% /dev/shm
/dev/sda1             477M   81M  367M  19% /boot
/dev/sdb1              31G   17M   28G   1% /var/lib/docker
/dev/sdb2              31G   17M   28G   1% /var/lib/registry
[root@ovm ~]#

创建self-signed SSL certificate
[root@ovm ~]# mkdir -p /var/lib/registry/conf.d
[root@ovm ~]# cd /var/lib/registry/conf.d [root@ovm conf.d]# ls -l
total 0
[root@ovm conf.d]# openssl req -newkey rsa:4096 -nodes -sha256 -x509 -days 365 -keyout domain.key -out domain.crt
Generating a 4096 bit RSA private key
...................................................................................++
..................................................++
writing new private key to 'domain.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:US
State or Province Name (full name) []:Massachusetts
Locality Name (eg, city) [Default City]:Boston
Organization Name (eg, company) [Default Company Ltd]:Oracle Com
Organizational Unit Name (eg, section) []:DevOps
Common Name (eg, your name or your server's hostname) []:ovm.ohsdba.cn
Email Address []:ohsdba@qq.com
[root@ovm conf.d]# ls -ltr
total 8
-rw-r--r--. 1 root root 3272 Oct  7 09:20 domain.key
-rw-r--r--. 1 root root 2130 Oct  7 09:20 domain.crt
[root@ovm conf.d]# chmod 600 /var/lib/registry/conf.d/domain.key
[root@ovm conf.d]# ls -ltr
total 8
-rw-------. 1 root root 3272 Oct  7 09:20 domain.key
-rw-r--r--. 1 root root 2130 Oct  7 09:20 domain.crt
[root@ovm conf.d]#

创建Docker registry container
如果之前没有安装registry容器则会自动下载并启动一个registry容器,创建本地的私有仓库服务
docker run -d -p 5000:5000 --name registry --restart=always \
    -v /var/lib/registry:/registry_data \
    -e REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/registry_data \
    -e REGISTRY_HTTP_TLS_KEY=/registry_data/conf.d/domain.key \
    -e REGISTRY_HTTP_TLS_CERTIFICATE=/registry_data/conf.d/domain.crt \
    registry:latest

[root@ovm ~]# docker run -d -p 5000:5000 --name registry --restart=always \
>     -v /var/lib/registry:/registry_data \
>     -e REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/registry_data \
>     -e REGISTRY_HTTP_TLS_KEY=/registry_data/conf.d/domain.key \
>     -e REGISTRY_HTTP_TLS_CERTIFICATE=/registry_data/conf.d/domain.crt \
>     registry:latest
Unable to find image 'registry:latest' locally
latest: Pulling from library/registry
c0cb142e4345: Pull complete
a5002dfce871: Pull complete
df53ce740974: Pull complete
9ce080a7bfae: Pull complete
517dc3530502: Pull complete
Digest: sha256:1cfcd718fd8a49fec9ef16496940b962e30e3927012e851f99905db55f1f4199
Status: Downloaded newer image for registry:latest
3e1fa551684cbf2fe9d129566212ff339fe4772196d2861ca7338d1bf0318335
[root@ovm ~]#
[root@ovm ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
registry            latest              541a6732eadb        13 days ago         33.27 MB
[root@ovm ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
3e1fa551684c        registry:latest     "/entrypoint.sh /etc/"   2 minutes ago       Up 2 minutes        0.0.0.0:5000->5000/tcp   registry
[root@ovm ~]#

把Hub Docker上的image然后导入到本地的registry
先从Docker Hub上下载oraclelinux
[root@ovm ~]# docker pull oraclelinux:latest
latest: Pulling from library/oraclelinux
41a53649c86f: Pull complete
Digest: sha256:aa335655d0e3fbae6cac54ab19052e02fbad75230b3c2403522e8a23fcdd64de
Status: Downloaded newer image for oraclelinux:latest
[root@ovm ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
oraclelinux         latest              3d62999fc909        8 days ago          219.5 MB
registry            latest              541a6732eadb        13 days ago         33.27 MB
[root@ovm ~]#
[root@ovm ~]# docker tag oraclelinux:latest localhost:5000/ol7image:v1
[root@ovm ~]#
[root@ovm ~]# docker push localhost:5000/ol7image:v1
The push refers to a repository [localhost:5000/ol7image]
9dec0800bdd4: Pushed
v1: digest: sha256:aa335655d0e3fbae6cac54ab19052e02fbad75230b3c2403522e8a23fcdd64de size: 529
[root@ovm ~]# docker images
REPOSITORY                TAG                 IMAGE ID            CREATED             SIZE
localhost:5000/ol7image   v1                  3d62999fc909        8 days ago          219.5 MB
oraclelinux               latest              3d62999fc909        8 days ago          219.5 MB
registry                  latest              541a6732eadb        13 days ago         33.27 MB
[root@ovm ~]#

使用curl查看registry中image信息
[root@ovm conf.d]# cat domain.crt >>/etc/pki/tls/certs/ca-bundle.crt
因为使用了https,使用curl,要先导入之前的认证信息到文件ca-bundle.crt
[root@ovm ~]# curl https://ovm.ohsdba.cn:5000/v2/
{}[root@ovm ~]#
[root@ovm ~]# curl https://ovm.ohsdba.cn:5000/v2/_catalog
{"repositories":["ol7image"]}
[root@ovm ~]#
也可以用浏览器登录查看
https://127.0.0.1:5000/v2/_catalog
可以看到本地registry中有了push上去的镜像

删除当前的image(为了测试)
[root@ovm ~]# docker images
REPOSITORY                  TAG                 IMAGE ID            CREATED             SIZE
localhost:5000/ol7image     v1                  3d62999fc909        8 days ago          219.5 MB
oraclelinux                 latest              3d62999fc909        8 days ago          219.5 MB
registry                    latest              541a6732eadb        13 days ago         33.27 MB
[root@ovm ~]# docker rmi oraclelinux
Untagged: oraclelinux:latest
Untagged: oraclelinux@sha256:aa335655d0e3fbae6cac54ab19052e02fbad75230b3c2403522e8a23fcdd64de
[root@ovm ~]# docker rmi localhost:5000/ol7image:v1
Untagged: localhost:5000/ol7image:v1
Untagged: localhost:5000/ol7image@sha256:aa335655d0e3fbae6cac54ab19052e02fbad75230b3c2403522e8a23fcdd64de
Deleted: sha256:3d62999fc9091b809eb977d6636699f904f4d67a9b50b5b5640d42d07476f288
Deleted: sha256:9dec0800bdd491be3d1abb614617f4d45ff91a7e8a23f03e5fd44ee74f02720b
[root@ovm ~]# docker images
REPOSITORY                  TAG                 IMAGE ID            CREATED             SIZE
registry                    latest              541a6732eadb        13 days ago         33.27 MB
[root@ovm ~]#

从本地registry下载
[root@ovm ~]# docker pull 127.0.0.1:5000/ol7image:v1
v1: Pulling from ol7image
41a53649c86f: Pull complete
Digest: sha256:aa335655d0e3fbae6cac54ab19052e02fbad75230b3c2403522e8a23fcdd64de
Status: Downloaded newer image for 127.0.0.1:5000/ol7image:v1
[root@ovm ~]# docker images
REPOSITORY                  TAG                 IMAGE ID            CREATED             SIZE
127.0.0.1:5000/ol7image     v1                  3d62999fc909        8 days ago          219.5 MB
registry                    latest              541a6732eadb        13 days ago         33.27 MB
[root@ovm ~]#

可以参考下面的链接,通过web访问本地registry
https://github.com/mkuchin/docker-registry-web


Reference
http://docs.oracle.com/cd/E52668_01/E75728/html/prepare-registry-server.html
https://hub.docker.com/_/registry/
http://qinghua.github.io/docker-registry/

https://github.com/mkuchin/docker-registry-web



关键词:docker cloud 

相关文章

Oracle Cloud Native Solutions
Oracle Kubernetes Engine
Terraform,docker,wercker,k8s
Vagrant with oracle
Install oracle products on docker
Oracle自治数据仓库云
OMC - How to Install Gateway Agent
Oracle大数据之交互式快速参考
Oracle数据库云服务
Oracle数据库备份云服务
Oracle RAC and Third Party Cloud
Oracle Database Multilingual Engine(MLE)

推荐文章

联系我们

Oracle Software Download Index

Oracle Database Upgrade

Oracle SQLMaria

Oracle Database Document

Oracle Cloud Document

Oracle Cloud中文链接

eDelivery

GoldenGate

My Oracle Support

Exadata Document

Oracle Linux

Oracle Fusion Middleware

MySQL Document

PostgreSQL

Python

Apache

Github

Sourceforge

CNCF

Ruby

Go

ipcheck

ipaddressguide

db-engines

Linux Kernel

Top