有一个集群, 里面有三台服务器
master: 192.168.1.106
nodes1: 192.168.1.104
nodes2: 192.168.1.105
操作系统: 使用的MacOS, windows同样有效
选择将nodes1作为镜像仓库.
docker pull registry
docker run -p 5000:5000 -v /home/registry_images:/var/lib/registry -d --restart=always registry
这里将registry挂载到了本地home目录, 避免docker重启后, 镜像丢失
/etc/docker/daemon.json
{
"insecure-registries":["192.168.1.104:5000"], //修改为registry所在容器的宿主机
"registry-mirrors": ["https://w52p8twk.mirror.aliyuncs.com"]
}
"insecure-registries": 含义是, 192.168.1.104不是一个安全的http请求, 但请信任这个仓库地址.
我的registry在node节点上, node的ip是192.168.1.104
systemctl daemon-reload
systemctl restart docker
领取nginx镜像
docker pull nginx
改名
docker tag nginx 192.168.1.104:5000/nginx:test
尝试把 192.168.1.104:5000/nginx:test上传到我们的Registry仓库
docker push 192.168.1.104:5000/nginx:test
可以成功push, 说明我们的仓库是创建成功了.
{
"insecure-registries":["192.168.1.104:5000"],
"registry-mirrors": ["https://w52p8twk.mirror.aliyuncs.com"]
}
重启docker
systemctl daemon-reload
systemctl restart docker
所有设置都没问题, 但是上传就是失败
查询日志
cd /var/log
tail -200f messages
错误信息如下:
Attempting next endpoint for push after error: Get https://192.168.198.142:5000/v2/: http: server gave HTTP response to HTTPS client"
出现这个问题有两种情况
1. 没有配置"insecure-registries":["192.168.1.104:5000"], 可以确定我是配置了的, 上面有具体方法
2. 没有关闭防火墙
setenforce 0 //关闭防火墙
查询防火墙
getenforce
有两个方法
cd /home/registry_images
详细目录如下:
cd /home/registry_images/docker/registry/v2/repositories
这个目录是我设置的镜像仓库在本地的挂载目录.
curl -XGET http://192.168.1.104:5000/v2/_catalog
{"repositories":["nginx"]}
curl -XGET http://192.168.1.104:5000/v2/nginx/tags/list
{"errors":[{"code":"NAME_UNKNOWN","message":"repositoryname not known toregistry","detail":{"name":"image_name"}}]}
curl -XGET http://192.168.1.104:5000/v2/nginx/tags/list
{"name":"nginx","tags":["latest"]}