【重要】registry v2安装参考资料:
http://www.open-open.com/lib/view/open1456539405281.html
下载registry镜像:
sudo docker pull registry
创建证书:
sudo mkdir -p /docker_registry_dir/certs
sudo vi /etc/hosts :指定自定义的域名
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.211.55.8 docker.registry.server
sudo openssl req -newkey rsa:4096 -nodes -sha256 -keyout /docker_registry_dir/certs/domain.key -x509 -days 365 -out /docker_registry_dir/certs/domain.crt
Generating a 4096 bit RSA private key
.................................++
...++
writing new private key to \'/docker_registry_dir/certs/domain.key\'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a DistinguishedName or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter \'.\', the field will be left blank.
-----
CountryName(2 letter code)[XX]:CN
State or ProvinceName(full name)[]:beijing
LocalityName(eg, city)[DefaultCity]:beijing
OrganizationName(eg, company)[DefaultCompanyLtd]:NQ
OrganizationalUnitName(eg, section)[]:NQ
CommonName(eg, your name or your server\'s hostname) []:docker.registry.server
Email Address []:hanqf2008@163.com
sudo mkdir -p /etc/docker/certs.d/docker.registry.server:5000
sudo cp /docker_registry_dir/certs/domain.crt /etc/docker/certs.d/docker.registry.server:5000/ca.crt
说明:因为是自己制作的证书,所以注意保存/docker_registry_dir/certs/domain.crt,其它客户端也需要将该证书拷贝到/etc/docker/certs.d/docker.registry.server:5000/ca.crt下,如果是认证过的证书,则不需要执行该步骤。
创建认证帐号:
sudo mkdir -p /docker_registry_dir/auth
切换到root用户:
docker run --rm --entrypoint htpasswd docker.io/registry:latest -Bbn admin admin >> /docker_registry_dir/auth/htpasswd :可以创建多个帐号
启动registry容器:
sudo mkdir /docker_registry_dir/registryDir
sudo docker run -d -p 5000:5000--restart=always --name registry \\
-v /docker_registry_dir/auth:/auth \\
-e "REGISTRY_AUTH=htpasswd" \\
-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \\
-e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \\
-v /docker_registry_dir/registryDir:/var/lib/registry \\
-v /docker_registry_dir/certs:/certs \\
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \\
-e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \\
docker.io/registry:latest
上传镜像:
sudo docker login docker.registry.server:5000
Username: admin
Password:
Email: hanqf2008@163.com
WARNING: login credentials saved in/root/.docker/config.json
LoginSucceeded
sudo docker tag docker.io/swarm:latest docker.registry.server:5000/swarm:latest
sudo dcoker push docker.registry.server:5000/swarm:latest
The push refers to a repository [docker.registry.server:5000/swarm]
c54d433c22fe:Pushed
2fe4d825a161:Pushed
249a306ce89e:Pushed
latest: digest: sha256:c9e1b4d4e399946c0542accf30f9a73500d6b0b075e152ed1c792214d3509d70 size:923
Trying to pull repository docker.registry.server:5000/swarm ...
latest:Pulling from docker.registry.server:5000/swarm
Digest: sha256:c9e1b4d4e399946c0542accf30f9a73500d6b0b075e152ed1c792214d3509d70
Status:Downloaded newer image for docker.registry.server:5000/swarm:latest
查看仓库镜像:
sudo curl --cacert /docker_registry_dir/certs/domain.crt --basic --user admin:admin https://docker.registry.server:5000/v2/_catalog
{"repositories":["swarm"]}
sudo curl --cacert /docker_registry_dir/certs/domain.crt --basic --user admin:admin https://docker.registry.server:5000/v2/swarm/tags/list
{"name":"swarm","tags":["latest"]}
sudo curl --cacert /docker_registry_dir/certs/domain.crt --basic --user admin:admin https://docker.registry.server:5000/v2/swarm/manifests/latest
删除仓库镜像:【目前不支持】
官方参考资料:https://docs.docker.com/registry/spec/api/
sudo curl --cacert /docker_registry_dir/certs/domain.crt --basic --user admin:admin https://docker.registry.server:5000/v2/_catalog
{"repositories":["mysql","swarm"]}
sudo curl -X DELETE --cacert /docker_registry_dir/certs/domain.crt --basic --user admin:admin https://docker.registry.server:5000/v2/mysql/manifests/latest
{"errors":[{"code":"UNSUPPORTED","message":"The operation is unsupported."}]}
sudo curl -X DELETE --cacert /docker_registry_dir/certs/domain.crt --basic --user admin:admin https://docker.registry.server:5000/v2/mysql/manifests/sha256:bd446145a97e292a05e36f322ca06a82188608f7de107307e5a24ae775dc5a44
sudo curl --cacert /docker_registry_dir/certs/domain.crt --basic --user admin:admin https://docker.registry.server:5000/v2/_catalog
{"repositories":["mysql","swarm"]}
看到mysql还在,但是其下面对应的tag已经不见了:
sudo curl --cacert /docker_registry_dir/certs/domain.crt --basic --user admin:admin https://docker.registry.server:5000/v2/mysql/tags/list
{"name":"mysql","tags":null}
sudo curl --cacert /docker_registry_dir/certs/domain.crt --basic --user admin:admin https://docker.registry.server:5000/v2/_catalog
{"repositories":["swarm"]}
https://docs.docker.com/registry/spec/api/#deleting-an-image
Method |
Path |
Entity |
Description |
GET |
/v2/ |
Base |
Check that the endpoint implements Docker Registry API V2. |
GET |
/v2/<name>/tags/list |
Tags |
Fetch the tags under the repository identified by name. |
GET |
/v2/<name>/manifests/<reference> |
Manifest |
Fetch the manifest identified by name and reference where reference can be a tag or digest. A HEAD request can also be issued to this endpoint to obtain resource information without receiving all data. |
PUT |
/v2/<name>/manifests/<reference> |
Manifest |
Put the manifest identified by name and reference where reference can be a tag or digest. |
DELETE |
/v2/<name>/manifests/<reference> |
Manifest |
Delete the manifest identified by name and reference. Note that a manifest can only be deleted by digest. |
GET |
/v2/<name>/blobs/<digest> |
Blob |
Retrieve the blob from the registry identified by digest. A HEAD request can also be issued to this endpoint to obtain resource information without receiving all data. |
DELETE |
/v2/<name>/blobs/<digest> |
Blob |
Delete the blob identified by name and digest |
POST |
/v2/<name>/blobs/uploads/ |
Initiate Blob Upload |
Initiate a resumable blob upload. If successful, an upload location will be provided to complete the upload. Optionally, if the digest parameter is present, the request body will be used to complete the upload in a single request. |
GET |
/v2/<name>/blobs/uploads/<uuid> |
Blob Upload |
Retrieve status of upload identified by uuid. The primary purpose of this endpoint is to resolve the current status of a resumable upload. |
PATCH |
/v2/<name>/blobs/uploads/<uuid> |
Blob Upload |
Upload a chunk of data for the specified upload. |
PUT |
/v2/<name>/blobs/uploads/<uuid> |
Blob Upload |
Complete the upload specified by uuid, optionally appending the body as the final chunk. |
DELETE |
/v2/<name>/blobs/uploads/<uuid> |
Blob Upload |
Cancel outstanding upload processes, releasing associated resources. If this is not called, the unfinished uploads will eventually timeout. |
GET |
/v2/_catalog |
Catalog |
Retrieve a sorted, json list of repositories available in the registry. |
相关推荐
加载镜像:docker load -i jdk8.tar
Docker:进阶与实战
第三章:Docker容器进阶--创建镜像、数据管理、网络一、Docker镜像创建方法--基于已有镜像、基于本地模板;二、Docker镜像创建方法--基于dock
node:18.15-alpine镜像的tar文件 使用步骤(确保本地环境已经安装docker) 1、将tar包下载到本地 2、打开终端 3、进入到上述tar包的下载路径 4、运行docker load node-18.15-alpine.tar
quay.io/coreos/flannel:v0.11.0-amd64镜像包,版本为v0.11.0-amd64 使用步骤 1、解压flanneld-v0.11.0-amd64.docker.zip 2、docker load -i flanneld-v0.11.0-amd64.docker 3、docker tag quay.io/coreos/flannel:v...
yinheli/docker-thunder-xware:latest 镜像打包下载 群晖 NAS DSM 系统,只要三步使用 Docker 安装迅雷远程下载
解决docker报错dial tcp lookup registry-1.docker.io
一般我们会使用镜像加速或者直接从国内的一些平台镜像仓库上拉取。 我比较常用的是网易的镜像中心和daocloud镜像市场。 网易镜像中心:https://c.163.com/hub#/m/home/ daocloud镜像市场:...
情景还原: 用docker拉取jenkins最新版本 docker pull jenkins/jenkins:lts报了这个错误: Error response from daemon: Get https://registry-1.docker.io/v2/: dial tcp: lookup registry-1.docker 一通百度,发现...
当没有第三方docker 仓库,可以使用registry 生成一个本地的docker仓库 使用docker load < registry.tar 导入镜像
【课程大纲】 01-什么是docker 02-Docker在Windows下的安装 03-Docker在MAC下的安装 04-Docker在Linux下的安装1 05-Docker在Linux下的安装2 06-Docker有何用?...51-实训项目2--Docker下构建SSH服务镜像
【课程大纲】 01-什么是docker 02-Docker在Windows下的安装 03-Docker在MAC下的安装 04-Docker在Linux下的安装1 05-Docker在Linux下的安装2 06-Docker有何用?...51-实训项目2--Docker下构建SSH服务镜像
屏幕截图仓库概述 标签概述 标签详情 删除标签用法码头工人执行: docker run --name registry-browser -it -p 8080:8080 -e DOCKER_REGISTRY_URL=http://your-registry:5000 klausmeyer/docker-registry-browser...
使用 docker-compose 的 docker-registry 配置文件 该项目基于和 。 我只是使用 docker-compose 来使这些工具易于使用。 您只需要运行一条指令就可以启动整个注册表服务。 docker-compose up
狂神 Docker 学习笔记 超详细从开始到进阶到补充 Docker 概述 Docker 是一个开源的应用容器引擎,基于 Go 语言并遵从 Apache2.0 协议开源。Docker 可以让开发者打包他们的应用以及依赖包到一个轻量级、可移植的...
docker-compose-wait:使用docker-compose时等待其他docker镜像启动的简单脚本
19-镜像分发20-自动化构建镜像21-注册服务器的创建22-镜像的上传23-容器创建实战24-容器管理实战125-容器管理实战226-容器管理实战327-依附容器28-容器信息查看129-容器信息查看230-容器内命令执行实战31-容器的导入...
canal-adapter-v1.1.7,docker镜像,参考的制作流程:https://blog.csdn.net/qiaodaima0/article/details/125561823?spm=1001.2014.3001.5501
可以直接用如下配置在docker-compose里启动: nacos: image: infras/nacos-server:v2.4.0 container_name: nacos networks: - infras_net volumes: - ./storage/logs/nacos:/data/nacos/logs - ./conf/nacos/...