Registry Classification
Sponsor Registry
: a third-party registry for customers and communities
Mirror Registry
: third-party registry, only available to users
Vendor Registry
: The registry provided by the vendor that published the image
Private Registry
: Private registry with fire period and extra security layer (ssl)
Why you need a private registry
Generally deployed locally self-built (using intranet), if you use aliyun
directly use the registry of ali
can be.
- Hosted Mirror
- Low bandwidth consumption
- Fast download speed
- Rapid Deployment
Install docker-registry
To install registry in ubuntu 16.04 use apt-get install docker-registry. After installing the image storage directory is. /var/lib/docker-registry
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
root@iZm5e7rjmq1tkuwoy8h8vuZ:~# apt-get install docker-registry
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
libopts25 python-meld3 python-pkg-resources
Use 'apt autoremove' to remove them.
The following NEW packages will be installed:
docker-registry
0 upgraded, 1 newly installed, 0 to remove and 205 not upgraded.
Need to get 2,694 kB of archives.
After this operation, 12.6 MB of additional disk space will be used.
Get:1 http://mirrors.cloud.aliyuncs.com/ubuntu xenial/universe amd64 docker-registry amd64 2.3.0~ds1-1 [2,694 kB]
Fetched 2,694 kB in 0s (8,438 kB/s)
Selecting previously unselected package docker-registry.
(Reading database ... 103689 files and directories currently installed.)
Preparing to unpack .../docker-registry_2.3.0~ds1-1_amd64.deb ...
Unpacking docker-registry (2.3.0~ds1-1) ...
Processing triggers for systemd (229-4ubuntu21.16) ...
Processing triggers for ureadahead (0.100.0-19) ...
Setting up docker-registry (2.3.0~ds1-1) ...
Adding system user `docker-registry' (UID 113) ...
Adding new group `docker-registry' (GID 122) ...
Adding new user `docker-registry' (UID 113) with group `docker-registry' ...
Not creating home directory `/var/lib/docker-registry'.
Processing triggers for systemd (229-4ubuntu21.16) ...
Processing triggers for ureadahead (0.100.0-19) ...
|
Check the boot port 5000
1
2
3
4
5
6
7
8
|
root@iZm5e7rjmq1tkuwoy8h8vuZ:~# netstat -nlpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 27873/nginx -g daem
tcp 0 0 127.0.0.1:8222 0.0.0.0:* LISTEN 8466/python3
tcp6 0 0 :::5000 :::* LISTEN 32026/docker-regist
tcp6 0 0 :::8335 :::* LISTEN 17406/docker-proxy
tcp6 0 0 :::8336 :::* LISTEN 17989/docker-proxy
|
Modify client image tag
1
2
3
4
5
6
|
luodi@roddydeMacBook-Pro:~$ docker tag nginxtest 120.27.0.222:5000/nginxtest:1.0.0
luodi@roddydeMacBook-Pro:~$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> 5b5cf5c2be8f 23 hours ago 249MB
120.27.0.222:5000/nginxtest 1.0.0 1c26cc9ad467 24 hours ago 249MB
nginxtest latest 1c26cc9ad467 24 hours ago 249MB
|
Push Mirror
We can’t push to the private registry, suggesting that we need https, but we can modify the docker configuration file to add insecure-registries
1
2
3
4
|
luodi@roddydeMacBook-Pro:~$ docker push 120.27.0.222:5000/nginxtest:1.0.0
The push refers to repository [120.27.0.222:5000/nginxtest]
Get https://120.27.0.222:5000/v2/: http: server gave HTTP response to HTTPS client
luodi@roddydeMacBook-Pro:~$
|
Configuration Reference:
1
2
3
4
5
6
7
8
9
|
{
"experimental": false,
"debug": true,
"registry-mirrors": [
"http://hub-mirror.c.163.com",
"https://docker.mirrors.ustc.edu.cn"
],
"insecure-registries":["120.27.0.222:5000"]
}
|
Restart client docker after modification
1
2
3
4
|
luodi@roddydeMacBook-Pro:~/dockerfile_build/httpd$ docker push 120.27.0.222:5000/nginxtest:1.0.0
The push refers to repository [120.27.0.222:5000/nginxtest]
291f6e44771a: Pushed
1.0.0: digest: sha256:fc4a234b91cc4b542bac8a6ad23b2ddcee60ae68fc4dbd4a52efb5f1b0baad71 size: 529
|
After successful upload, look at the directory structure, it will be stored in the v2 directory
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
/var/lib/docker-registry/
└── docker
└── registry
└── v2
├── blobs
│ └── sha256
│ ├── 0d
│ │ └── 0d120b6ccaa8c5e149176798b3501d4dd1885f961922497cd0abef155c869566
│ │ └── data
│ ├── 3c
│ │ └── 3c72a8ed68140139e483fe7368ae4d9651422749e91483557cbd5ecf99a96110
│ │ └── data
│ └── fc
│ └── fc4a234b91cc4b542bac8a6ad23b2ddcee60ae68fc4dbd4a52efb5f1b0baad71
│ └── data
└── repositories
└── nginxtest
├── _layers
│ └── sha256
│ ├── 0d120b6ccaa8c5e149176798b3501d4dd1885f961922497cd0abef155c869566
│ │ └── link
│ └── 3c72a8ed68140139e483fe7368ae4d9651422749e91483557cbd5ecf99a96110
│ └── link
├── _manifests
│ ├── revisions
│ │ └── sha256
│ │ └── fc4a234b91cc4b542bac8a6ad23b2ddcee60ae68fc4dbd4a52efb5f1b0baad71
│ │ └── link
│ └── tags
│ └── 1.0.0
│ ├── current
│ │ └── link
│ └── index
│ └── sha256
│ └── fc4a234b91cc4b542bac8a6ad23b2ddcee60ae68fc4dbd4a52efb5f1b0baad71
│ └── link
└── _uploads
|
Installation using containers
Since registry itself is a container, by default, private repositories are stored in the /var/lib/registry
directory inside the container, so that if the container is deleted, the images stored in the container will also be lost.
Download registry image
1
2
3
4
5
6
7
8
9
10
11
|
root@iZm5e7rjmq1tkuwoy8h8vuZ:~# docker pull registry
Using default tag: latest
latest: Pulling from library/registry
cbdbe7a5bc2a: Pull complete
47112e65547d: Pull complete
46bcb632e506: Pull complete
c1cc712bcecd: Pull complete
3db6272dcbfa: Pull complete
Digest: sha256:8be26f81ffea54106bae012c6f349df70f4d5e7e2ec01b143c46e2c03b9e551d
Status: Downloaded newer image for registry:latest
docker.io/library/registry:latest
|
Start the registry container
1
2
3
4
5
|
root@iZm5e7rjmq1tkuwoy8h8vuZ:~# docker run -dit -p 5000:5000 --restart=always --name Myregistry -v /root/registry:/var/lib/registry registry
d65c75db0954348d5d06a896c04c5e935606e023a1a260b62959600e0165d146
droot@iZm5e7rjmq1tkuwoy8h8vuZ:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d65c75db0954 registry "/entrypoint.sh /etc…" 3 seconds ago Up 2 seconds 0.0.0.0:5000->5000/tcp Myregistry
|
Push Mirror
1
2
3
4
|
luodi@roddydeMacBook-Pro:~/dockerfile_build/httpd$ docker push 120.27.0.222:5000/nginxtest:1.0.0
The push refers to repository [120.27.0.222:5000/nginxtest]
291f6e44771a: Pushed
1.0.0: digest: sha256:fc4a234b91cc4b542bac8a6ad23b2ddcee60ae68fc4dbd4a52efb5f1b0baad71 size: 529
|
Reference http://roddypy.com/2020/08/19/%E6%9E%84%E5%BB%BAdocker%E7%A7%81%E6%9C%89%E4%BB%93%E5%BA%93/