docker专项（三）搭建自己的私有镜像库上文最后讲到可以把自己的镜像传到镜像库，像https://hub.docker

上文最后讲到可以把自己的镜像传到镜像库，像hub.docker.com/

但是我们编写的代码构成成的images往往有一定的私密性，处于安全，私密的考虑，我们可以选择更可靠的阿里云容器服务的镜像托管。也可以自己搭建自己的镜像库，仅内网访问。

拉取registry镜像

docker pull registry

查看本地镜像

[root@192 ~]# docker pull registry
Using default tag: latest
latest: Pulling from library/registry
df9b9388f04a: Downloading 
52dc419b0ee2: Downloading 
b6846b9db566: Download complete 
b0a23bbf973d: Download complete 
c50f110701a7: Download complete 
latest: Pulling from library/registry
79e9f2f55bf5: Pull complete 
0d96da54f60b: Pull complete 
5b27040df4a2: Pull complete 
e2ead8259a04: Pull complete 
3790aef225b9: Pull complete 
Digest: sha256:169211e20e2f2d5d115674681eb79d21a217b296b43374b8e39f97fcf866b375
Status: Downloaded newer image for registry:latest
docker.io/library/registry:latest

启动容器可以将容器内的数据映射挂载在自己指定的目录上，这里以/dockertest/data/registry为宿主机存储的目录

[root@192 ~]# docker run -itd -p 5000:5000 -v /dockertest/data/registry:/var/lib/registry --name private_registry registry
e1c60e9dd0082e20bf0e29105fa20bcf741e2118717c9b31167ab3f92f87010d
[root@192 ~]# docker ps
CONTAINER ID   IMAGE      COMMAND                  CREATED         STATUS         PORTS                                       NAMES
e1c60e9dd008   registry   "/entrypoint.sh /etc…"   6 seconds ago   Up 4 seconds   0.0.0.0:5000->5000/tcp, :::5000->5000/tcp   private_registry

查看仓库宿主主机ip

更改docker的配置文件(其他内网也需要配置一下) vim /etc/docker/daemon.json

{
    "registry-mirrors": [
        "http://hub-mirror.c.163.com",
        "https://docker.mirrors.ustc.edu.cn",
        "https://registry.docker-cn.com",
        "http://192.168.0.10:5000"
    ],
    "insecure-registries":[
        "192.168.0.10:5000"
    ]
}

重启docker 以及 private_registry容器

service docker restart   //重启容器
docker start private_registry   //重启registry服务

把昨天上传到公共镜像库到拉下来打tag

[root@192 ~]# docker pull jinanaav666/golang:demo
demo: Pulling from jinanaav666/golang
0e29546d541c: Pull complete 
9b829c73b52b: Pull complete 
cb5b7ae36172: Pull complete 
6494e4811622: Pull complete 
6e1d20a8313e: Pull complete 
593823f101dc: Pull complete 
1b4aae56cdbe: Pull complete 
60201af882fb: Pull complete 
9674c8e14a9a: Pull complete 
a3e8fea88024: Pull complete 
Digest: sha256:e468c4de176f061723ba9018999ba551b2103c7fa2826cef745ffdbf2d8465ed
Status: Downloaded newer image for jinanaav666/golang:demo
docker.io/jinanaav666/golang:demo

打tag

docker tag jinanaav666/golang:demo 192.168.0.10:5000/jinanaav666/golang:demo

推送到仓库

[root@192 ~]# docker push 192.168.0.10:5000/jinanaav666/golang:demo
The push refers to repository [192.168.0.10:5000/jinanaav666/golang]
a9822e3dc8d3: Pushed
f91467ad3318: Pushed
86a458465c9c: Pushed
d82b47d992c3: Pushed
2fa2c70b216a: Pushed
bab89c562840: Pushed
26a504e63be4: Pushed
8bf42db0de72: Pushed
31892cc314cb: Pushed
11936051f93b: Pushed
demo: digest: sha256:e468c4de176f061723ba9018999ba551b2103c7fa2826cef745ffdbf2d8465ed size: 2422

在内网的其他机子上拉去私有镜像库的images

# chenjinan @ 192 in ~ [0:31:56] 

$ docker pull 192.168.0.10:5000/jinanaav666/golang:demo
demo: Pulling from jinanaav666/golang
Digest: sha256:e468c4de176f061723ba9018999ba551b2103c7fa2826cef745ffdbf2d8465ed
Status: Downloaded newer image for 192.168.0.10:5000/jinanaav666/golang:demo
192.168.0.10:5000/jinanaav666/golang:demo

查看镜像

完成!