CENTOS docker拉取私服镜像

概述

docker的应用越来越多，安装部署越来越方便，批量自动化的镜像生成和发布都需要docker镜像的拉取。

centos6版本太老，docker的使用过程中问题较多，centos7相对简单容易。

本文档主要介绍centos系统安装docker和拉取docker私服镜像的步骤和问题解决。

环境

docker registry:2

centos 6 && docker 1.7.1

centos 7 && docker 24.0.6

centos6

docker安装，命令会自动安装依赖libcgroup。

yum install https://get.docker.com/rpm/1.7.1/centos-6/RPMS/x86_64/docker-engine-1.7.1-1.el6.x86_64.rpm

docker-engine     x86_64   1.7.1-1.el6

libcgroup              x86_64   0.40.rc1-27.el6_10

启动。

sudo service docker start

查看版本。

sudo docker version

Client version: 1.7.1

Client API version: 1.19

Go version (client): go1.4.2

Git commit (client): 786b29d

OS/Arch (client): linux/amd64

Server version: 1.7.1

Server API version: 1.19

Go version (server): go1.4.2

Git commit (server): 786b29d

OS/Arch (server): linux/amd64

拉取docker私服镜像报错。

$ sudo docker pull 10.55.55.136:5000/zr/centos.7-fs.1.6.19-release:v1.2

Error response from daemon: invalid registry endpoint https://10.55.55.136:5000/v0/: unable to ping registry endpoint https://10.55.55.136:5000/v0/

v2 ping attempt failed with error: Get https://10.55.55.136:5000/v2/: tls: oversized record received with length 20527

v1 ping attempt failed with error: Get https://10.55.55.136:5000/v1/_ping: tls: oversized record received with length 20527. If this private registry supports only HTTP orHTTPS with an unknown CA certificate, please add --insecure-registry 10.55.55.136:5000 to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/10.55.55.136:5000/ca.crt

报错解决方案，修改docker启动参数。

sudo vi /etc/sysconfig/docker

other_args="--insecure-registry 10.55.55.136:5000"

重启。

sudo service docker restart

重新拉取私服镜像，成功。

$ sudo docker pull 10.55.55.136:5000/zr/centos.7-fs.1.6.19-release:v1.2

v1.2: Pulling from 10.55.55.136:5000/zr/centos.7-fs.1.6.19-release

376a065e9bca: Pull complete

e8ea2a607cf1: Pull complete

da288f16cf46: Pull complete

41a8d4a923cc: Extracting [==================================================>] 412.3 MB/412.3 MB

41a8d4a923cc: Pulling fs layer

41a8d4a923cc: Pull complete

Digest: sha256:d6ea6d10cf22cff4813f877762682969369392b2922cc4020be772166ce29943

Status: Downloaded newer image for 10.55.55.136:5000/zr/centos.7-fs.1.6.19-release:v1.2

centos7

centos7系统需要安装docker-ce版本。

删除centos7系统默认docker。

yum remove docker \

                  docker-client \

                  docker-client-latest \

                  docker-common \

                  docker-latest \

                  docker-latest-logrotate \

                  docker-logrotate \

                  docker-selinux \

                  docker-engine-selinux \

                  docker-engine

安装依赖包。

yum install -y yum-utils device-mapper-persistent-data lvm2

docker-ce的yum源。

yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

安装docker-ce。

yum makecache fast

yum -y install docker-ce

启动。

systemctl start docker

拉取docker私服镜像报错。

$ sudo docker pull 10.55.55.136:5000/zr/centos.7-fs.1.6.19-release:v1.2

Error response from daemon: Get "https://10.55.55.136:5000/v2/": http: server gave HTTP response to HTTPS client

报错解决方案，修改docker启动参数。

sudo vi /etc/docker/daemon.json

{

       "insecure-registries":[

              "10.55.55.136:5000"

       ]

}

重启。

sudo systemctl restart docker

重新拉取私服镜像，成功。

$ sudo docker pull 10.55.55.136:5000/zr/centos.7-fs.1.6.19-release:v1.2

v1.2: Pulling from zr/centos.7-fs.1.6.19-release

Digest: sha256:310545c07c5628db19032840a74c22992c5916b70c5dea3a1660181bbc48eb43

Status: Image is up to date for 10.55.55.136:5000/zr/centos.7-fs.1.6.19-release:v1.2

10.55.55.136:5000/zr/centos.7-fs.1.6.19-release:v1.2

容器导出导入

如果系统无法实现自动拉取镜像，也可以通过save功能将镜像保存为tar包，然后在宿主机上通过load加载镜像。

sudo docker save -o centos.7-fs.1.6.19-release.v1.2.tar 10.55.55.136:5000/zr/centos.7-fs.1.6.19-release:v1.2

sudo docker load -i centos.7-fs.1.6.19-release.v1.2.tar

总结

尽快切换掉centos6系统。

docker registry的私服镜像使用更方便。

docker镜像包的瘦身工作要持续进行。

空空如常

求真得真