registry是一个运行在docker中的registry镜像的实例。 ## 运行registry容器 ~~~ docker run -d -p 5000:5000 --restart=always --name registry registry:2 ~~~ --restart=always 容器启动时在动重启 >[info]这种部署仅适用于测试环境，生产环境最好使用TLS协议和访问控制。 ### 实例 ~~~ # 从Docker Hub拉取ubuntu:16.04 image docker pull ubuntu:16.04 # 打标签，标签第一部分是IP和端口 docker tag ubuntu:16.04 localhost:5000/my-ubuntu # 推送到本地registry docker push localhost:5000/my-ubuntu # 移除本地的缓存，这个并不会将镜像从registry中移除 docker image remove ubuntu:16.04 docker image remove localhost:5000/my-ubuntu # 从本地registry中拉取指定镜像 docker pull localhost:5000/my-ubuntu ~~~ ### 查看镜像仓库中的镜像 ~~~ curl http://192.168.101.30:5000/v2/_catalog curl -XGET http://registry:5000/v1/search?q=镜像名称 ~~~ ## 停止registry容器 ~~~ docker stop registry # 移除数据 docker rm -v registry ~~~ ## 定制端口 ~~~ # 更改宿主机端口 docker run -d \ -p 5001:5000 \ --name registry-test \ registry:2 # 更改registry监听端口， REGISTRY_HTTP_ADDR docker run -d \ -e REGISTRY_HTTP_ADDR=0.0.0.0:5001 \ -p 5001:5001 \ --name registry-test \ registry:2 ~~~ ## 本地存储 镜像文件默认存储在容器/var/lib/registry目录中 ~~~ docker run -d \ -p 5000:5000 \ --restart=always \ --name registry \ -v /mnt/registry:/var/lib/registry \ registry:2 ~~~ ## 使用compose file ~~~ cat docker-compose.yml registry: restart: always image: registry:2 ports: - 5000:5000 # environment: # REGISTRY_HTTP_TLS_CERTIFICATE: /certs/domain.crt # REGISTRY_HTTP_TLS_KEY: /certs/domain.key # REGISTRY_AUTH: htpasswd # REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd # REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm volumes: - /var/lob/registry:/var/lib/registry ~~~ ~~~ docker-compose up -d ~~~ ## 问题 ~~~ docker push 192.168.101.30:5000/myfirstimage The push refers to a repository [192.168.101.30:5000/myfirstimage] Get https://192.168.101.30:5000/v1/_ping: http: server gave HTTP response to HTTPS client ~~~ ### 默认使用https，需要改成不使用https ~~~ cat /etc/docker/daemon.json { "insecure-registries":["registry:5000"] } ~~~ ## 仓库配置文件 ~~~ version: 0.1 log: fields: service: registry storage: cache: layerinfo: inmemory filesystem: rootdirectory: /var/lib/registry http: addr: :5000 ~~~