日韩中文字幕区,天天操,夜夜爽,日韩在线一区二区

Docker Registry 私有倉庫搭建

官方已經(jīng)提供了很多版本的 Linux 鏡像，直接從官方倉庫（Public Repositories）下載就可以了。如果考慮到安全性和速度，我們可能會(huì)想在自己局域網(wǎng)里架設(shè)一個(gè)私有倉庫（Private Repositories）來放我們自己的鏡像，Docker-Registry 正是我們需要的工具。

本次搭建

docker-registry server (dev) (v0.9.0)

添加docker用戶和目錄

為了安全起見，我們可以添加一個(gè)用戶docker，使用這個(gè)非root用戶來允許docker registry程序，同時(shí)指定好docker鏡像的存儲(chǔ)位置，本處指定為/home/docker_registry目錄

									useradd docker

									mkdir -p /home/docker_registry

									chown -R docker.docker /home/docker_registry/

從github克隆最新版本registry, 進(jìn)入這個(gè)目錄下的config子目錄，從模板復(fù)制一個(gè)配置文件出來：

									git clone https://github.com/docker/docker-registry.git

									cd docker-registry/config

									cp config_sample.yml config.yml

此時(shí)可以修改這個(gè)config.yml配置文件，需要注意修改以下的兩個(gè)地方：

									#配置sqlite數(shù)據(jù)庫位置

									sqlalchemy_index_database: _env:SQLALCHEMY_INDEX_DATABASE:sqlite:////home/docker_registry/docker-registry.db

									#配置本地存儲(chǔ)位置

									local: &local

									  storage: local

									  storage_path: _env:STORAGE_PATH:/home/docker_registry

安裝一些必要軟件包和一些 Docker-Registry 需要用到的 Python 工具和庫：

1 2	`apt-get update` `apt-get` `install` `build-essential python-dev liblzma-dev libevent-dev python-pip libssl-dev`

使用apt-get安裝軟件包時(shí)經(jīng)常會(huì)提示讓你插入netinst的光盤：

Media change: please insert the disc labeled

當(dāng)沒有時(shí)就無法進(jìn)行安裝了，這時(shí)可以打開文件/etc/apt/sources.list文件，注釋掉cdrom那一行，

然后再執(zhí)行apt-get update更新下deb倉庫，

這樣以后再使用apt-get安裝時(shí)就不會(huì)再搜尋cdrom了

修改HOSTS文件加上域名

1 2	`vim` `/etc/hosts` `127.0.0.1 docker.registry.com`

安裝Nginx

									apt-get install nginx

									#配置Nginx config

									vim /etc/nginx/nginx.conf

									user www-data;

									worker_processes 4;

									pid /run/nginx.pid;

									events {

									  worker_connections 768;

									  # multi_accept on;

									}

									http {

									  ##

									  # Basic Settings

									  ##

									  sendfile on;

									  tcp_nopush on;

									  tcp_nodelay on;

									  keepalive_timeout 65;

									  types_hash_max_size 2048;

									  # server_tokens off;

									  # server_names_hash_bucket_size 64;

									  # server_name_in_redirect off;

									  include /etc/nginx/mime.types;

									  default_type application/octet-stream;

									  ##

									  # Logging Settings

									  ##

									  access_log /var/log/nginx/access.log;

									  error_log /var/log/nginx/error.log;

									  ##

									  # Gzip Settings

									  ##

									  gzip on;

									  gzip_disable "msie6";

									  # gzip_vary on;

									  # gzip_proxied any;

									  # gzip_comp_level 6;

									  # gzip_buffers 16 8k;

									  # gzip_http_version 1.1;

									  # gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

									  ##

									  # nginx-naxsi config

									  ##

									  # Uncomment it if you installed nginx-naxsi

									  ##

									  #include /etc/nginx/naxsi_core.rules;

									  ##

									  # nginx-passenger config

									  ##

									  # Uncomment it if you installed nginx-passenger

									  ##

									  #passenger_root /usr;

									  #passenger_ruby /usr/bin/ruby;

									  ##

									  # Virtual Host Configs

									  ##

									  include /etc/nginx/conf.d/*.conf;

									  include /etc/nginx/sites-enabled/*;

									  upstream docker-registry {

									   server localhost:5000;

									  }

									  server {

									   listen 80;

									   server_name docker.registry.com;

									   proxy_set_header Host    $http_host;  # required for docker client's sake

									   proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP

									   client_max_body_size 0; # disable any limits to avoid HTTP 413 for large image uploads

									   # required to avoid HTTP 411: see Issue #1486 (https://github.com/dotcloud/docker/issues/1486)

									   chunked_transfer_encoding on;

									   #   

									   location / {

									    proxy_pass http://docker-registry;

									   }

									  }

									}

啟動(dòng)Nginx

service nginx start

訪問瀏覽器測試

http://192.168.124.130/

Docker Registry 私有倉庫搭建詳細(xì)步驟

安裝python依賴

1 2	`cd` `/opt/docker-registry` `pip` `install` `.`

若出現(xiàn)：Cannot connect to proxy. Socket error: [Errno -2] Name or service not known.

手動(dòng)安裝依賴包加代理參數(shù)

									pip install -i http://pypi.v2ex.com/simple .

									#注銷下面的 pip install . 安裝全部

									--pip install -i http://pypi.v2ex.com/simple gunicorn

建立軟連接

ln -s /usr/local/bin/gunicorn /usr/bin/gunicorn

nginx啟動(dòng)之后，使用docker用戶執(zhí)行以下的命令可以測試啟動(dòng)：

gunicorn --access-logfile - --error-logfile - -k gevent -b 0.0.0.0:5000 -w 8 --max-requests 100 docker_registry.wsgi:application
訪問瀏覽器

http://docker.registry.com

Docker Registry 私有倉庫搭建詳細(xì)步驟

如果看到以下的輸出，則表明docker registry安裝成功

給目錄下數(shù)據(jù)庫賦權(quán)限,不然上傳文件時(shí)會(huì)不能寫數(shù)據(jù)庫

chmod 777 /home/docker_registry/repositories/docker-registry.db

使用supervisord來進(jìn)行進(jìn)程的監(jiān)控

apt-get install supervisor

配置supervisor [docker-registry]

vim /etc/supervisor/conf.d/docker-registry.conf

									[program:docker-registry]

									directory=/opt/docker-registry

									#使用docker用戶

									user=docker

									command=/usr/local/bin/gunicorn --access-logfile - --error-logfile - -k gevent -b 0.0.0.0:5000 -w 8 --max-requests 100 --graceful-timeout 3600 -t 3600 docker_registry.wsgi:application 

									redirect_stderr=true

									stderr_logfile=none

									stdout_logfile=/var/log/supervisor/docker-registry.log

									autostart=true

									autorestart=true

									#重新加載 supervisor 配置：

									supervisorctl

									supervisor> reread

									docker-registry: available

									supervisor> update

									docker-registry: added process group

									supervisor> status

									docker-registry  RUNNING  pid 4371, uptime 0:00:01