亚洲激情专区-91九色丨porny丨老师-久久久久久久女国产乱让韩-国产精品午夜小视频观看

溫馨提示×

溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊×
其他方式登錄
點擊 登錄注冊 即表示同意《億速云用戶服務條款》

Docker第七回(私有Registry)

發布時間:2020-07-28 16:31:09 來源:網絡 閱讀:668 作者:yacai1990 欄目:云計算

一、Docker Registry的分類

Registry用來保存docker鏡像,包括鏡像的層次結構和元數據,用戶可以自建Registry,也可以使用官方的docker hub

  • Sponsor Registry:第三方的Registry,供客戶和docker社區使用

  • Mirror Registry:第三方的Registry,只讓客戶使用

  • Vendor Registry:由發布Docker鏡像的供應商提供的Registry

  • Private Registry:通過設有防火墻和額外的安全層的私有實體提供的Registry


二、Docker Distribution

docker distribution是docker為我們提供的私有倉庫軟件包,它也可以運行在容器中。因此,在docker hub中有它的鏡像。但是docker  distribution并沒有web界面,不支持像docker hub一樣在web中瀏覽、搜索鏡像,更不支持利用docker file實現在docker hub中自動構建鏡像。要實現這個功能,可以使用harbor


1、docker distribution的安裝方式

  • 通過下載ducker hub上的docker distribution鏡像來讓它跑在容器中,因為容器一旦停止,數據將被刪除的特性,我們還要為它提供存儲卷,利用網絡文件系統來持久化倉庫中的鏡像數據

  • yum安裝,docker distribution的安裝包在yum倉庫的Extras中,可以直接安裝



2、yum安裝docker distribution

2.1、安裝

[root@centos7-node2 ~]# yum info docker-distribution
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
 * base: centos.ustc.edu.cn
 * extras: mirror.bit.edu.cn
 * updates: mirror.bit.edu.cn
Installed Packages
Name        : docker-distribution
Arch        : x86_64
Version     : 2.6.2
Release     : 2.git48294d9.el7
Size        : 12 M
Repo        : installed
From repo   : extras
Summary     : Docker toolset to pack, ship, store, and deliver content
URL         : https://github.com/docker/distribution
License     : ASL 2.0
Description : Docker toolset to pack, ship, store, and deliver content

[root@centos7-node2 ~]# yum install docker-distribution

[root@centos7-node2 ~]# rpm -ql docker-distribution
/etc/docker-distribution/registry/config.yml
/usr/bin/registry
/usr/lib/systemd/system/docker-distribution.service
/usr/share/doc/docker-distribution-2.6.2
/usr/share/doc/docker-distribution-2.6.2/AUTHORS
/usr/share/doc/docker-distribution-2.6.2/CONTRIBUTING.md
/usr/share/doc/docker-distribution-2.6.2/LICENSE
/usr/share/doc/docker-distribution-2.6.2/MAINTAINERS
/usr/share/doc/docker-distribution-2.6.2/README.md
/var/lib/registry

[root@centos7-node2 ~]# service docker-distribution start
Redirecting to /bin/systemctl start docker-distribution.service
[root@centos7-node2 ~]# netstat -tlunp |grep 5000
tcp6       0      0 :::5000                 :::*                    LISTEN      2912/registry

2.2、配置

默認配置文件即可,根據自己需要更改

[root@centos7-node2 ~]# vim /etc/docker-distribution/registry/config.yml
version: 0.1
log:
  fields:
    service: registry
storage:
    cache:
        layerinfo: inmemory
    filesystem:
        rootdirectory: /var/lib/registry
http:
    addr: :5000


3、制作鏡像并上傳到docker-distribution

3.1、制作鏡像并上傳

[root@bogon ~]# docker tag httpd:1.1 centos7-node2.local:5000/httpd:1.1
[root@bogon ~]# docker image ls
REPOSITORY                       TAG                 IMAGE ID            CREATED             SIZE
centos7-node2.local:5000/httpd   1.1                 bbffcf779dd4        2 weeks ago         264MB
httpd                            1.1                 bbffcf779dd4        2 weeks ago         264MB
nginx                            stable              ecc98fc2f376        5 weeks ago         109MB

[root@bogon ~]# docker pull centos7-node2.local:5000/httpd:1.1
Error response from daemon: Get https://centos7-node2.local:5000/v2/: dial tcp 192.168.31.187:5000: connect: no route to host

[root@bogon ~]# vim /etc/docker/daemon.json
"insecure-registries": ["centos7-node2.local:5000"]
[root@bogon ~]# service docker restart
Redirecting to /bin/systemctl restart docker.service

[root@bogon ~]# docker push centos7-node2.local:5000/httpd:1.1
The push refers to repository [centos7-node2.local:5000/httpd]
ddcb568d3d1e: Pushed 
da6517724f67: Pushed 
1.1: digest: sha256:e40c5748459eb28eb7cb39eb35f863abcd6b1aa1f341f1f8e999a27537d34bb5 size: 741

# docker客戶端默認使用https和Registry通信,如果私有倉庫是http協議,需要更改docker客戶端配置文件

3.2、docker distribution中驗證

[root@centos7-node2 ~]# ll /var/lib/registry/docker/registry/v2/repositories/httpd/_layers/sha256/
total 0
drwxr-xr-x. 2 root root 18 Nov 20 17:15 bbffcf779dd42e070d52a4661dcd3eaba2bed898bed8bbfe41768506f063ad32
drwxr-xr-x. 2 root root 18 Nov 20 17:15 f06537d9e799fdeca094e95d56295b96359d188988b5d78353f716de5856b5b1
drwxr-xr-x. 2 root root 18 Nov 20 17:15 f9f73d801f0558b085ffa505240a065319269c4cefbe9c2e60103d58761edfa8

3.3、在docker客戶端中刪除剛才的鏡像并重新獲取

[root@bogon ~]# docker image rm centos7-node2.local:5000/httpd:1.1
Untagged: centos7-node2.local:5000/httpd:1.1
Untagged: centos7-node2.local:5000/httpd@sha256:e40c5748459eb28eb7cb39eb35f863abcd6b1aa1f341f1f8e999a27537d34bb5
[root@bogon ~]# 
[root@bogon ~]# docker image ls
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
httpd               1.1                 bbffcf779dd4        2 weeks ago         264MB
nginx               stable              ecc98fc2f376        5 weeks ago         109MB


[root@bogon ~]# docker pull centos7-node2.local:5000/httpd:1.1
1.1: Pulling from httpd
Digest: sha256:e40c5748459eb28eb7cb39eb35f863abcd6b1aa1f341f1f8e999a27537d34bb5
Status: Downloaded newer image for centos7-node2.local:5000/httpd:1.1
[root@bogon ~]# docker image ls
REPOSITORY                       TAG                 IMAGE ID            CREATED             SIZE
centos7-node2.local:5000/httpd   1.1                 bbffcf779dd4        2 weeks ago         264MB
httpd                            1.1                 bbffcf779dd4        2 weeks ago         264MB
nginx                            stable              ecc98fc2f376        5 weeks ago         109MB


三、harbor是什么

harbor是由Google、IBM、Microsoft共同成立的CNCF(云原生計算基金會),一個專門維護k8s等項目的第三方組織。它維護的項目有k8s、prometheus等,包括剛剛加入的harbor(私有倉庫服務器軟件)項目。harbor現在已經是一個企業級的倉庫應用程序。由VMWare在docker distribution的基礎上做的二次開發項目,加入了很多額外的程序,包括一個web界面。所以,我們可以使用harbor來構建完整的本地私有倉庫。

Project Harbor is an open source trusted cloud native Registry project that stores, signs, adn scans content。

Harbor extends the open source Docker Distribution by adding the functionalities  usually required by users such as security,identity and management

Harbor supports advanced features such as user management,access control,activity monitoring, and replication  between instances


1、harbor的特性

  • 支持多租戶,一個harbor可以讓很多用戶注冊進來管理自己的倉庫

  • 支持安全、風險分析

  •  支持審計日志

  • 基于角色的訪問控制

  • 支持多個harbor間的replication

  • 可擴展的api,ui圖形界面

  • 國際化的,當前支持english and chinese


2、harbor的安裝

harbor官方為了簡化它的安裝,把harbor做成了在容器中運行的應用,由于harbor依賴于mysqlredis等很多存儲系統。所以需要多個容器協同工作。因此vmware的harbor在部署和使用時需要借助docker的單機變盤工具compose

下載地址:https://github.com/goharbor/harbor/releases

安裝文檔:https://github.com/goharbor/harbor/blob/master/docs/installation_guide.md


[root@centos7-node2 src]# wget  
[root@centos7-node2 src]# tar -zxvf harbor-offline-installer-v1.5.4.tgz -C /usr/local/
[root@centos7-node2 src]# cd /usr/local/harbor/
[root@centos7-node2 harbor]# sed -i 's/hostname = reg.mydomain.com/hostname = centos7-node2.local/g' ./harbor.cfg
[root@centos7-node2 harbor]# yum install docker-compose
[root@centos7-node2 harbor]# yum install epel-release
[root@centos7-node2 harbor]# yum install docker-compose
[root@centos7-node2 harbor]# ./install.sh

?.----Harbor has been installed and started successfully.----

Now you should be able to visit the admin portal at http://centos7-node2.local. 
For more details, please visit https://github.com/vmware/harbor .


[root@centos7-node2 harbor]# docker container ls -a
CONTAINER ID        IMAGE                                  COMMAND                  CREATED             STATUS                             PORTS                                                              NAMES
2ecc079867c6        vmware/nginx-photon:v1.5.4             "nginx -g 'daemon of??   14 seconds ago      Up 12 seconds (health: starting)   0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp   nginx
a1b51d6d296a        vmware/harbor-jobservice:v1.5.4        "/harbor/start.sh"       14 seconds ago      Up 12 seconds                                                                                         harbor-jobservice
0ffb3f2a442e        vmware/harbor-ui:v1.5.4                "/harbor/start.sh"       16 seconds ago      Up 14 seconds (health: starting)                                                                      harbor-ui
1c5e3590ac25        vmware/registry-photon:v2.6.2-v1.5.4   "/entrypoint.sh serv??   19 seconds ago      Up 16 seconds (health: starting)   5000/tcp                                                           registry
fd09682ac89a        vmware/harbor-adminserver:v1.5.4       "/harbor/start.sh"       19 seconds ago      Up 16 seconds (health: starting)                                                                      harbor-adminserver
054710b41aa2        vmware/harbor-db:v1.5.4                "/usr/local/bin/dock??   19 seconds ago      Up 16 seconds (health: starting)   3306/tcp                                                           harbor-db
c03daf7e3bb1        vmware/redis-photon:v1.5.4             "docker-entrypoint.s??   19 seconds ago      Up 17 seconds                      6379/tcp                                                           redis
b1fcf0c916a1        vmware/harbor-log:v1.5.4               "/bin/sh -c /usr/loc??   22 seconds ago      Up 18 seconds (health: starting)   127.0.0.1:1514->10514/tcp                                          harbor-log
[root@centos7-node2 harbor]#

harbor安裝成功后會啟動8個容器。

注意:由于harbor的網絡是nat,所以要開啟防火墻服務,否則會安裝不了。

最后安裝成功的web界面

Docker第七回(私有Registry)


3、使用harbor web界面

3.1、創建新項目

Docker第七回(私有Registry)


3.2、點擊新創建的項目,目前還沒有任何鏡像

Docker第七回(私有Registry)


3.3、使用docker客戶端制作鏡像并上傳

[root@bogon ~]# docker tag centos7-node2.local:5000/httpd:1.1 centos7-node2.local/development/httpd:1.2
[root@bogon ~]# docker tag centos7-node2.local:5000/httpd:1.1 centos7-node2.local/development/httpd:1.3
[root@bogon ~]# docker tag centos7-node2.local:5000/httpd:1.1 centos7-node2.local/development/httpd:1.4
[root@bogon ~]# docker login centos7-node2.local
Username: gouyacai
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.

[root@bogon ~]# docker push centos7-node2.local/development/httpd:1.2
The push refers to repository [centos7-node2.local/development/httpd]
ddcb568d3d1e: Pushed 
da6517724f67: Pushed 
1.2: digest: sha256:e40c5748459eb28eb7cb39eb35f863abcd6b1aa1f341f1f8e999a27537d34bb5 size: 741
[root@bogon ~]# docker push centos7-node2.local/development/httpd:1.3
The push refers to repository [centos7-node2.local/development/httpd]
ddcb568d3d1e: Layer already exists 
da6517724f67: Layer already exists 
1.3: digest: sha256:e40c5748459eb28eb7cb39eb35f863abcd6b1aa1f341f1f8e999a27537d34bb5 size: 741
[root@bogon ~]# docker push centos7-node2.local/development/httpd:1.4
The push refers to repository [centos7-node2.local/development/httpd]
ddcb568d3d1e: Layer already exists 
da6517724f67: Layer already exists 
1.4: digest: sha256:e40c5748459eb28eb7cb39eb35f863abcd6b1aa1f341f1f8e999a27537d34bb5 size: 741

Docker第七回(私有Registry)


3.4、從harbor中拉取鏡像到docker客戶端

[root@bogon ~]# docker image rm centos7-node2.local/development/httpd:1.2
Untagged: centos7-node2.local/development/httpd:1.2
[root@bogon ~]# docker image rm centos7-node2.local/development/httpd:1.3
Untagged: centos7-node2.local/development/httpd:1.3
[root@bogon ~]# docker image rm centos7-node2.local/development/httpd:1.4
Untagged: centos7-node2.local/development/httpd:1.4
Untagged: centos7-node2.local/development/httpd@sha256:e40c5748459eb28eb7cb39eb35f863abcd6b1aa1f341f1f8e999a27537d34bb5
[root@bogon ~]# 
[root@bogon ~]# docker image ls
REPOSITORY                       TAG                 IMAGE ID            CREATED             SIZE
centos7-node2.local:5000/httpd   1.1                 bbffcf779dd4        2 weeks ago         264MB
httpd                            1.1                 bbffcf779dd4        2 weeks ago         264MB
nginx                            stable              ecc98fc2f376        5 weeks ago         109MB
centos                           6.6                 4e1ad2ce7f78        5 weeks ago         203MB
redis                            4-alpine            05097a3a0549        6 weeks ago         30MB

[root@bogon ~]# docker pull centos7-node2.local/development/httpd:1.2
1.2: Pulling from development/httpd
Digest: sha256:e40c5748459eb28eb7cb39eb35f863abcd6b1aa1f341f1f8e999a27537d34bb5
Status: Downloaded newer image for centos7-node2.local/development/httpd:1.2

[root@bogon ~]# docker pull centos7-node2.local/development/httpd:1.3
1.3: Pulling from development/httpd
Digest: sha256:e40c5748459eb28eb7cb39eb35f863abcd6b1aa1f341f1f8e999a27537d34bb5
Status: Downloaded newer image for centos7-node2.local/development/httpd:1.3

[root@bogon ~]# docker pull centos7-node2.local/development/httpd:1.4
1.4: Pulling from development/httpd
Digest: sha256:e40c5748459eb28eb7cb39eb35f863abcd6b1aa1f341f1f8e999a27537d34bb5
Status: Downloaded newer image for centos7-node2.local/development/httpd:1.4

[root@bogon ~]# docker image ls
REPOSITORY                              TAG                 IMAGE ID            CREATED             SIZE
httpd                                   1.1                 bbffcf779dd4        2 weeks ago         264MB
centos7-node2.local/development/httpd   1.2                 bbffcf779dd4        2 weeks ago         264MB
centos7-node2.local/development/httpd   1.3                 bbffcf779dd4        2 weeks ago         264MB
centos7-node2.local/development/httpd   1.4                 bbffcf779dd4        2 weeks ago         264MB


向AI問一下細節

免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。

AI

济阳县| 灵宝市| 巴塘县| 兴化市| 郴州市| 广昌县| 东至县| 通化县| 会泽县| 朔州市| 台北县| 黎川县| 唐海县| 金门县| 玉林市| 婺源县| 称多县| 瑞昌市| 桃江县| 手游| 东方市| 平定县| 怀远县| 盐源县| 昌黎县| 阿荣旗| 建德市| 和龙市| 锡林郭勒盟| 墨脱县| 德兴市| 高阳县| 邢台县| 岗巴县| 西青区| 双峰县| 兴城市| 会理县| 集贤县| 江山市| 民勤县|