您的位置:首页 > 运维架构 > Docker

Docker 与 K8S学习笔记(番外篇)—— 搭建本地私有Docker镜像仓库

2022-01-21 20:44 1196 查看

我们在学习K8S时会有个问题,那就是我自己做的应用镜像如何在K8S中部署呢?如果我们每做一个镜像都要推送到公共镜像仓库那未免太麻烦了,这就需要我们搭一个私有镜像仓库,通过私有仓库,K8S集群便可以从中拉取镜像了。

一、拉取并部署docker register

私有镜像仓库部署也很简单,Docker 官方提供了私有仓库的镜像 registry ,只需把镜像下载下来,运行容器并暴露5000端口,就OK了。

$ sudo docker pull docker.io/registry
Using default tag: latest
latest: Pulling from library/registry
79e9f2f55bf5: Pull complete
0d96da54f60b: Pull complete
5b27040df4a2: Pull complete
e2ead8259a04: Pull complete
3790aef225b9: Pull complete
Digest: sha256:169211e20e2f2d5d115674681eb79d21a217b296b43374b8e39f97fcf866b375
Status: Downloaded newer image for registry:latest
docker.io/library/registry:latest
$ sudo docker run -d -p 5000:5000 --name=registry --restart=always --privileged=true --log-driver=none -v /data/images:/tmp/registry registry
5fe99c39a729c844566cd329fee6e0c304924bfe6a829ea609b6850a0322a145

我这里将本地的/data/images作为镜像数据存放目录。接着我们通过浏览器看下仓库内容:这里repositories:[]表示当前无任何仓库。

 

二、将镜像推送至私有仓库

我们将制作好的镜像webapp,推送到私有仓库中:

首先,我们给要上传镜像打tag:

sudo docker tag webapp:latest 172.16.194.135:5000/webapp:latest

接着上传镜像:

$ sudo docker push 172.16.194.135:5000/webapp:latest
The push refers to repository [172.16.194.135:5000/webapp]
Get "https://172.16.194.135:5000/v2/": http: server gave HTTP response to HTTPS client

这里出问题了,我们可以看到默认情况下docker使用https协议访问镜像仓库,如果想让docker使用http协议,则需要配置信任源:

我们编辑/etc/docker/daemon.json文件(如果没有此文件则新建):

{
"insecure-registries" : [ "你所搭建的registry服务的ip:5000" ]
}

保存后重启docker服务即可:sudo systemctl docker restart,然后重新推送镜像:

$ sudo docker push 172.16.194.135:5000/webapp:latest
The push refers to repository [172.16.194.135:5000/webapp]
db1a54a89227: Pushed
60348cf35183: Pushed
35c20f26d188: Pushed
c3fe59dd9556: Pushed
6ed1a81ba5b6: Pushed
a3483ce177ce: Pushed
ce6c8756685b: Pushed
30339f20ced0: Pushed
0eb22bfb707d: Pushed
a2ae92ffcd29: Pushed
latest: digest: sha256:a06f9a9efe77d3b029fac660cccf2d563e742f7a1b64f6c92960d5ebd7a4d8d9 size: 2419

这样我们通过浏览器也能看到上传的镜像了:

 

 

三、K8S通过私有仓库拉取镜像

我们将webapp部署到K8S集群上,我们首先编写deployment,这里要注意image处需要带上我们仓库地址。

apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: webapp
name: webapp
spec:
replicas: 2
selector:
matchLabels:
app: webapp
template:
metadata:
labels:
app: webapp
spec:
containers:
- name: webapp
image: 172.16.194.135:5000/webapp:latest
ports:
- containerPort: 4567

接着我们apply此Deployment,并查看pod启动情况:

$ sudo kubectl apply -f webapp.yaml
deployment.apps/webapp created
$ sudo kubectl get pods
NAME                      READY   STATUS    RESTARTS   AGE
webapp-5fb8547b77-8xtwk   1/1     Running   0          8s
webapp-5fb8547b77-bht5j   1/1     Running   0          8s
$ sudo kubectl describe pod webapp-5fb8547b77-8xtwk
Name:         webapp-5fb8547b77-8xtwk
Namespace:    default
Priority:     0
Node:         ayato/172.16.194.135
Start Time:   Mon, 03 Jan 2022 08:46:47 +0000
Labels:       app=webapp
pod-template-hash=5fb8547b77
Annotations:  <none>
Status:       Running
IP:           172.17.0.7
IPs:
IP:           172.17.0.7
Controlled By:  ReplicaSet/webapp-5fb8547b77
Containers:
webapp:
Container ID:   docker://03e4f676c8cf337038f4535dfa6598a717e10853662f894aaba85c27bb19fc92
Image:          172.16.194.135:5000/webapp:latest
Image ID:       docker-pullable://172.16.194.135:5000/webapp@sha256:a06f9a9efe77d3b029fac660cccf2d563e742f7a1b64f6c92960d5ebd7a4d8d9
Port:           4567/TCP
Host Port:      0/TCP
State:          Running
Started:      Mon, 03 Jan 2022 08:46:48 +0000
Ready:          True
Restart Count:  0
Environment:    <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-pcr2h (ro)
Conditions:
Type              Status
Initialized       True
Ready             True
ContainersReady   True
PodScheduled      True
Volumes:
default-token-pcr2h:
Type:        Secret (a volume populated by a Secret)
SecretName:  default-token-pcr2h
Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type    Reason     Age   From               Message
----    ------     ----  ----               -------
Normal  Scheduled  23s   default-scheduler  Successfully assigned default/webapp-5fb8547b77-8xtwk to ayato
Normal  Pulling    22s   kubelet            Pulling image "172.16.194.135:5000/webapp:latest"
Normal  Pulled     22s   kubelet            Successfully pulled image "172.16.194.135:5000/webapp:latest" in 99.689211ms
Normal  Created    22s   kubelet            Created container webapp
Normal  Started    21s   kubelet            Started container webapp

我们可以从Events中看到,我们K8S集群成功从我们私有仓库中拉取到镜像。

 

内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签: 
相关文章推荐
新的分享
章节导航