1. Docker版
国外镜像真的太难拉下来了,所以采用 docker registry 来存储镜像供其他节点使用,
拉取registry镜像
sudo docker pull hub.c.163.com/library/registry:2.6.0
启动仓库
sudo docker run -d -p 5000:5000 -v /docker/registry:/tmp/registry hub.c.163.com/library/registry:2.6.0
将各个镜像上传到仓库
sudo docker tag gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64:1.14.2 202.193.74.222/k8s-dns-dnsmasq-nanny-amd64:1.14.2
sudo docker push 202.193.74.222:5000/k8s-dns-dnsmasq-nanny-amd64:1.14.2
2. Harbor版
参考文献:
harbor搭建
harbor搭建与问题修改
Harbor也是基于registry镜像进行搭建的,可视化界面比较友好,官网下载分为在线版和离线版,建议用离线版,因为在线版需要自己在国外网站拉取镜像,伟大的墙的威力还是有的,离线版就简单了,直接有版本对应好的镜像.
- 环境与配置
安装环境:docker1.10+,python2.7+,docker-compose1.6.0+
下载离线安装包harbor-offline,配置harbor.cfg修改:
hostname = n2
db_password = admin
harbor_admin_password = admin #这个是登录密码
启动与访问
通过docker-compose.yml修改端口号
再通过./prepare来更新配置
之后进行./install.sh来安装
最后通过docker-compose up -d来启动
启动后通过n2:80来访问仓库登录与上传
先进行登录docker login n2:80提示Login Succeeded为安装成功
注:这里上传需要先在web端建好项目名,比如上传到仓库名library中:
sudo docker tag n2:80/library/test:v1
sudo docker push n2:80/library/test:v1
3. Errors
E1:
test@Test1:~$ sudo docker push 202.193.74.222:5000/test:latest
# ERROR
The push refers to a repository [202.193.74.222:5000/test]
Get https://202.193.74.222:5000/v1/_ping: http: server gave HTTP response to HTTPS client
解决方法1:
在/etc/docker/目录下,创建daemon.json文件。在文件中写入:
{ "insecure-registries":["ip:5000"] }
解决方法2:
Centos中vim /etc/sysconfig/docker,在文件中添加:
ADD_REGISTRY='--add-registry e2:80'
INSECURE_REGISTRY='--insecure-registry e2:80'
解决方法3:
Ubuntu中vim /etc/default/docker,在文件中添加:
DOCKER_OPTS="--dns 8.8.8.8 --dns 8.8.4.4 --insecure-registry=n2:80"
重启dockersudo systemctl restart docker
E2:
test@Test1:~$ sudo docker push n2:80/library/test:v1
85782553e37a: Waiting
745f5be9952c: Waiting
denied: requested access to the resource is denied
解决方法1:
先登录才可以上传,进行登录操作
解决方法2:
用hosts名称会异常,建议直接使用ip
E3:
ERROR: for proxy Cannot start service proxy: driver failed programming external connectivity on endpoint nginx (fdeb3e538d5f8d714ea5c79a9f3f127f05f7ba5d519e09c4c30ef81f40b2fe77): Error starting userland proxy: listen tcp 0.0.0.0:80: bind: address already in use
端口占用问题,可以通过修改端口来完成,在harbor/docker-compose.yml中修改,比如此处的80端口修改为8080操作如下:
proxy:
image: vmware/nginx:1.11.5-patched
container_name: nginx
restart: always
volumes:
- ./common/config/nginx:/etc/nginx:z
networks:
- harbor
ports:
- 8080:80
- 444:443
- 4443:4443
depends_on:
- mysql
- registry
- ui
- log
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
tag: "proxy"
注意这里修改了之后在上面问题E1,E2中的修改也端口
4. Shells
批量上传脚本push_images.sh
#!/bin/bash
images=(kube-proxy-amd64:v1.6.6 kube-scheduler-amd64:v1.6.6 kube-controller-manager-amd64:v1.6.6 kube-apiserver-amd64:v1.6.6 etcd-amd64:3.0.17 pause-amd64:3.0 kubernetes-dashboard-amd64:v1.6.1 k8s-dns-sidecar-amd64:1.14.2 k8s-dns-kube-dns-amd64:1.14.2 k8s-dns-dnsmasq-nanny-amd64:1.14.2 etcd:v3.1.5)
for imageName in ${images[@]} ; do
sudo docker tag gcr.io/google_containers/$imageName e2:5000/$imageName
sudo docker push e2:5000/$imageName
sudo docker rmi e2:5000/$imageName
done
批量下载脚本pull_images.sh
#!/bin/bash## 标题 ##
images=(kube-proxy-amd64:v1.6.6 kube-scheduler-amd64:v1.6.6 kube-controller-manager-amd64:v1.6.6 kube-apiserver-amd64:v1.6.6 etcd-amd64:3.0.17 pause-amd64:3.0 kubernetes-dashboard-amd64:v1.6.1 k8s-dns-sidecar-amd64:1.14.2 k8s-dns-kube-dns-amd64:1.14.2 k8s-dns-dnsmasq-nanny-amd64:1.14.2 etcd:v3.1.5)
for imageName in ${images[@]} ; do
sudo docker pull e2:5000/$imageName
sudo docker tag e2:5000/$imageName gcr.io/google_containers/$imageName
sudo docker rmi e2:5000/$imageName
done
