默认docker镜像仓库是dockerhub拉取※
docker login#登录dockerhub
docker login myregistrydomain.com自定义镜像源拉取※
# 默认从Docker Hub拉取镜像
docker pull ubuntu:latest
# 从自定义镜像仓库拉取镜像
docker pull myregistrydomain.com/myrepository/myimage:mytag
docker pull localhost:5000/myimage:latest#私有仓库
# 登录到私有镜像仓库
docker login myregistrydomain.com
# 配置Docker守护进程使用镜像加速器
sudo nano /etc/docker/daemon.json
#阿里镜像加速https://cr.console.aliyun.com/ap-southeast-1/instances/mirrors
# 添加以下内容
{
"registry-mirrors": ["https://<your-accelerator-id>.mirror.aliyuncs.com"]
}
#添加私有或者第三方仓库地址
{
"registry-mirrors": [
"https://3k02enia.mirror.aliyuncs.com"
],#这个是加速镜像地址
"insecure-registries": [
"10.0.1.4:5000"
] #这个是私有地址如果是http而不是https不配置到配置文件会出问题
}
systemctl daemon-reload
systemctl restart docker搭建私有docker镜像仓库※
最简化:※
#docker部署:
docker pull registry:2
docker run -d \
-p 5000:5000 \
--restart=always \
--name registry \
-v /data/docker/registry:/var/lib/registry \
registry
#使用,先标记然后再推送
docker tag myimage:latest <your-registry-ip>:5000/myimage:latest
docker push <your-registry-ip>:5000/myimage:latest
docker pull <your-registry-ip>:5000/myimage:latest
查看仓库的镜像
curl http://10.0.1.4:5000/v2/_catalogharbor搭建※
https://github.com/goharbor/harbor/releases
wget https://github.com/goharbor/harbor/releases/download/v2.11.0-rc1/harbor-offline-installer-v2.11.0-rc1.tgz
tar -xvf
cp harbor.yml.tmpl harbor.yml
#在配置文件,设置hostname,端口,如果不用https可以注释,然后admin修改密码密码,每次修改配置文件需要运行一下
./prepare#首次执行
install.sh#剩下只需要docker-composed 命令down up-dharbor使用※
首先需要配置insecure-registries设置为信任地址
其次需要登录harbor用户
推送镜像需要先修改tag包括项目名称
批量推送脚本
#!/bin/bash
# 定义 Docker 的配置文件路径
DOCKER_CONFIG="/etc/docker/daemon.json"
# 使用 Python 读取 insecure-registries
existing_insecure=$(python -c "
import json
try:
with open('$DOCKER_CONFIG', 'r') as f:
config = json.load(f)
registries = config.get('insecure-registries', [])
for r in registries:
print(r)
except Exception as e:
print('Error reading JSON:', e)
")
# 交互式选择 insecure-registry
echo "请选择 insecure-registry 地址:"
select choice in $existing_insecure "手动输入新地址" "退出"; do
case $REPLY in
1|2)
REGISTRY=$choice
break;;
3)
echo "输入新的 insecure-registry 地址:"
read new_registry
REGISTRY=$new_registry
# 使用 Python 更新 Docker 配置
python -c "
import json
try:
with open('$DOCKER_CONFIG', 'r+') as f:
config = json.load(f)
if 'insecure-registries' not in config:
config['insecure-registries'] = []
config['insecure-registries'].append('$new_registry')
f.seek(0)
f.truncate()
json.dump(config, f, indent=4)
except Exception as e:
print('Error writing JSON:', e)
"
systemctl restart docker
break;;
4)
echo "退出脚本."
exit 0;;
*)
echo "无效选择,请重新选择."
;;
esac
done
# 输入 Harbor 项目名
echo "请输入 Harbor 项目名称:"
read PROJECT_NAME
# 列出本地 Docker 镜像
echo "选择需要推送的镜像:"
docker images --format "{{.Repository}}:{{.Tag}}" | nl -w1 -s': '
# 读取用户选择的镜像
echo "输入需要推送的镜像序号(支持多选,例如 1,3,5 或者 * 代表全部):"
read image_choices
# 处理镜像选择
if [ "$image_choices" = "*" ]; then
images=$(docker images --format "{{.Repository}}:{{.Tag}}")
else
IFS=',' read -ra chosen_indexes <<< "$image_choices"
images=()
for index in "${chosen_indexes[@]}"; do
images+=("$(docker images --format "{{.Repository}}:{{.Tag}}" | sed -n ${index}p)")
done
fi
# 推送镜像并删除 tag
for image in ${images[@]}; do
# 提取镜像的核心名称(最后一个 '/' 后面的部分)
core_image_name="${image##*/}"
core_image_name="${core_image_name%:*}" # 进一步确保移除可能的 tag
# 修改 tag 为私有 registry 地址包含项目名
new_image="$REGISTRY/$PROJECT_NAME/$core_image_name:${image##*:}"
docker tag $image $new_image
if docker push $new_image; then
echo "$image 已推送到 $new_image"
docker rmi $new_image
echo "已删除本地 tag: $new_image"
else
echo "推送失败: $new_image"
fi
done
echo "所有选定的镜像已尝试推送。"
