概述
docker的应用越来越多,安装部署越来越方便,批量自动化的镜像生成和发布都需要docker镜像的拉取。
centos6版本太老,docker的使用过程中问题较多,centos7相对简单容易。
本文档主要介绍centos系统安装docker和拉取docker私服镜像的步骤和问题解决。
环境
docker registry:2
centos 6 && docker 1.7.1
centos 7 && docker 24.0.6
centos6
docker安装,命令会自动安装依赖libcgroup。
yum install https://get.docker.com/rpm/1.7.1/centos-6/RPMS/x86_64/docker-engine-1.7.1-1.el6.x86_64.rpm
docker-engine x86_64 1.7.1-1.el6
libcgroup x86_64 0.40.rc1-27.el6_10
启动。
sudo service docker start
查看版本。
sudo docker version
Client version: 1.7.1
Client API version: 1.19
Go version (client): go1.4.2
Git commit (client): 786b29d
OS/Arch (client): linux/amd64
Server version: 1.7.1
Server API version: 1.19
Go version (server): go1.4.2
Git commit (server): 786b29d
OS/Arch (server): linux/amd64
拉取docker私服镜像报错。
$ sudo docker pull 10.55.55.136:5000/zr/centos.7-fs.1.6.19-release:v1.2
Error response from daemon: invalid registry endpoint https://10.55.55.136:5000/v0/: unable to ping registry endpoint https://10.55.55.136:5000/v0/
v2 ping attempt failed with error: Get https://10.55.55.136:5000/v2/: tls: oversized record received with length 20527
v1 ping attempt failed with error: Get https://10.55.55.136:5000/v1/_ping: tls: oversized record received with length 20527. If this private registry supports only HTTP orHTTPS with an unknown CA certificate, please add --insecure-registry 10.55.55.136:5000 to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/10.55.55.136:5000/ca.crt
报错解决方案,修改docker启动参数。
sudo vi /etc/sysconfig/docker
other_args="--insecure-registry 10.55.55.136:5000"
重启。
sudo service docker restart
重新拉取私服镜像,成功。
$ sudo docker pull 10.55.55.136:5000/zr/centos.7-fs.1.6.19-release:v1.2
v1.2: Pulling from 10.55.55.136:5000/zr/centos.7-fs.1.6.19-release
376a065e9bca: Pull complete
e8ea2a607cf1: Pull complete
da288f16cf46: Pull complete
41a8d4a923cc: Extracting [==================================================>] 412.3 MB/412.3 MB
41a8d4a923cc: Pulling fs layer
41a8d4a923cc: Pull complete
Digest: sha256:d6ea6d10cf22cff4813f877762682969369392b2922cc4020be772166ce29943
Status: Downloaded newer image for 10.55.55.136:5000/zr/centos.7-fs.1.6.19-release:v1.2
centos7
centos7系统需要安装docker-ce版本。
删除centos7系统默认docker。
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-selinux \
docker-engine-selinux \
docker-engine
安装依赖包。
yum install -y yum-utils device-mapper-persistent-data lvm2
docker-ce的yum源。
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
安装docker-ce。
yum makecache fast
yum -y install docker-ce
启动。
systemctl start docker
拉取docker私服镜像报错。
$ sudo docker pull 10.55.55.136:5000/zr/centos.7-fs.1.6.19-release:v1.2
Error response from daemon: Get "https://10.55.55.136:5000/v2/": http: server gave HTTP response to HTTPS client
报错解决方案,修改docker启动参数。
sudo vi /etc/docker/daemon.json
{
"insecure-registries":[
"10.55.55.136:5000"
]
}
重启。
sudo systemctl restart docker
重新拉取私服镜像,成功。
$ sudo docker pull 10.55.55.136:5000/zr/centos.7-fs.1.6.19-release:v1.2
v1.2: Pulling from zr/centos.7-fs.1.6.19-release
Digest: sha256:310545c07c5628db19032840a74c22992c5916b70c5dea3a1660181bbc48eb43
Status: Image is up to date for 10.55.55.136:5000/zr/centos.7-fs.1.6.19-release:v1.2
10.55.55.136:5000/zr/centos.7-fs.1.6.19-release:v1.2
容器导出导入
如果系统无法实现自动拉取镜像,也可以通过save功能将镜像保存为tar包,然后在宿主机上通过load加载镜像。
sudo docker save -o centos.7-fs.1.6.19-release.v1.2.tar 10.55.55.136:5000/zr/centos.7-fs.1.6.19-release:v1.2
sudo docker load -i centos.7-fs.1.6.19-release.v1.2.tar
总结
尽快切换掉centos6系统。
docker registry的私服镜像使用更方便。
docker镜像包的瘦身工作要持续进行。
空空如常
求真得真
