Setting up a remote private Docker registry

2020-02-10 06:45发布

问题:

I need some tips on setting up a 'remote private Docker registry'.

README.md on Docker-Registry mainly focus on private registry running on the same host, does not specify how other machines can access it remotely (or maybe too complex to understand).

So far I found these threads:

Docker: Issue with pulling from a private registry from another server (Still an open thread, no solution offered. Further discussion on Github gives hint on proxy, but how does that work?)

Create a remote private registry (Maybe closest to what I'm looking for, but what command do I need to access the registry from other machines?)

How to use your own registry (Again, this focuses on running registry on the same host. It did mention running on port 443 or 80 for other machines to access, but need more detail!)

Running out of clues, any input very appreciated!

回答1:

I was able to set up a remote private registry by referring to this: Remote access to a private docker-registry

Steps:

  1. On registry host, run docker run -p 5000:5000 registry
  2. On client host, start Docker service by docker -d --insecure-registry 10.11.12.0:5000 (replace 10.11.12.0 with your own registry ip, and you might want to daemonize the process so it'll continue running after shell closes.)

Edit: Alternatively, you can edit Docker's init script (/etc/sysconfig/docker for RHEL/CentOS, /var/lib/docker for Ubuntu/Debian). Add this line other_args="--insecure-registry 10.11.12.0:5000", then do a service docker restart. This is a recommended method as it daemonizes the Docker process.

Now, try if it works:

  1. In client, download a busybox image docker pull busybox
  2. Give it a new tag docker tag busybox 10.11.12.0:5000/busybox
  3. Push it to registry docker push 10.11.12.0:5000/busybox
  4. Verify the push docker search 10.11.12.0:5000/busybox
  5. Remove all images and pull it from your registry docker rmi busybox 10.11.12.0:5000:busybox docker pull 10.11.12.0:5000:busybox
  6. Run docker images should have the image you just pulled from your own remote private registry.


回答2:

I use private registry in the next way:

  • It has FQDN: docker.mycompany.com
  • All images which I create have name: docker.mycompany.com/image1, docker.mycompany.com/image2, etc

After that all is working seamlessly:

  • Push image to registry:

    docker push docker.mycompany.com/image1

  • Pull and run image:

    docker run docker.mycompany.com/image2