运行自己的Docker私有镜像仓库 Registry¶

从Docker容器安装一个Registry:

// 拉去registry镜像
$ docker pull registry

## 搭建本地镜像源()
$ docker run -d -v /opt/registry:/var/lib/registry -p 5000:5000
    --restart=always --name registry registry:latest

// 查看容器状态
$ docker ps -a
IMAGE               COMMAND      CREATED        PORTS              NAMES
registry:latest     "/...      3 seconds ago   5000->5000/tcp     registry

将我们的镜像上传到本地的Docker Registr:

// 找到我们要上传的镜像
$ docker images test/apache2
REPOSITORY          TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
test/apache2       latest              9c30616364f4        7 days ago          254.4 MB

// 使用新的Registry给该镜像打上标签
$ docker tag 9c30616364f4 docker.example.com:5000/test/apache2

## 通过docker push 命令将它推送到新的Registry中去
$ docker push docker.example.com:5000/test/apache2
The push refers to a repository [docker.example.com:5000/test/apache2] (len: 1)
9c30616364f4: Image already exists
f5bb94a8fac4: Image successfully pushed
2e36b30057ab: Image successfully pushed
0346cecb4e51: Image successfully pushed
274da7f89b05: Image successfully pushed
b5ce920a148c: Image successfully pushed
576b12d1aa01: Image successfully pushed
Digest: sha256:0c22a559f8dea881bca046e0ca27a01f73aa5f3c153b08b8bdf3306082e48b72

// 测试我们上传的镜像
$ docker run -it docker.example.com:5000/test/apache2 /bin/bash

警告

如没有禁用安全模块selinux,要加选项: –privileged=true
docker默认是https协议,如用http协议要增加
insecure-registry选项
从docker hub上pull其中的registry镜像时，增加镜像源:
registry-mirror

实例:

// 默认是https协议，如果使用http协议需要增加参数『insecure-registries』
$> cat /etc/docker/daemon.json
{
  "registry-mirrors": ["https://bpsifqa9.mirror.aliyuncs.com"],
  "insecure-registries" : ["192.168.99.10:5000"]
}