环境准备
-
VMware上安装CentOS7
-
CentOS7下安装Nexus私服及基础配置
-
配置Docker私服
安装
如果有历史版本,删除:
sudo yum remove docker \docker-client \docker-client-latest \docker-common \docker-latest \docker-latest-logrotate \docker-logrotate \docker-engine
删除依赖:
yum remove -y yum-utils \device-mapper-persistent-data \lvm2
安装依赖:
sudo yum install -y yum-utils \device-mapper-persistent-data \lvm2
设置stable仓库
sudo yum-config-manager \--add-repo \https://download.docker.com/linux/centos/docker-ce.repo
安装社区版
sudo dnf install --nobest -y docker-ce-18.09.1-3.el7 docker-ce-cli-18.09.1-3.el7 containerd.io
#sudo yum install docker-ce docker-ce-cli containerd.io
生成一个可执行jar包
-
Hello.java
public class Hello {public static void main(String[] args) {System.out.println("Hello World!");} } -
build.gradle
plugins {id 'java' }group 'com.yan' version '1.0-SNAPSHOT'sourceCompatibility = 1.8repositories {mavenCentral() }dependencies {testCompile group: 'junit', name: 'junit', version: '4.12' }tasks.withType(Jar) {manifest {attributes 'Main-Class': 'Hello'} } -
执行
gradle build生成可执行jar包
将jar包上传至Linux机器
[外链图片转存失败(img-hr90BhWo-1564288089750)(http://pqu2vhhw1.bkt.clouddn.com/blog/20190506/B5TqNi6aVBLK.png?imageslim)]
登陆私服
docker login --username=admin --password=admin123 192.168.196.196:18080
此时会出现错误
INFO[0000] Error logging in to v2 endpoint, trying next endpoint: Get https://192.168.196.196:18080/v2/: x509: certificate is valid for 127.0.0.1, not 192.168.196.196
INFO[0000] Error logging in to v1 endpoint, trying next endpoint: Get https://192.168.196.196:18080/v1/users/: x509: certificate is valid for 127.0.0.1, not 192.168.196.196
Get https://192.168.196.196:18080/v1/users/: x509: certificate is valid for 127.0.0.1, not 192.168.196.196这是因为在生成证书的时候的地址写的是本机,也就是127.0.0.1,而现实中docker客户端和私服不一定在一个机器上,因此重新使用IP或域名生成证书并重启Nexus。
重新登录报错如下:
[root@localhost bin]# docker login --username=admin --password=admin123 192.168.196.196:18080
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
INFO[0000] Error logging in to v2 endpoint, trying next endpoint: Get https://192.168.196.196:18080/v2/: x509: certificate signed by unknown authority
INFO[0000] Error logging in to v1 endpoint, trying next endpoint: Get https://192.168.196.196:18080/v1/users/: x509: certificate signed by unknown authority
Get https://192.168.196.196:18080/v1/users/: x509: certificate signed by unknown authority
这是因为私服不受信任,将私服地址设置为信任即可,由于目前docker版本直接做成了服务,所以,直接编辑其服务文件即可:
首先,查看服务状态systemctl status docker:
● docker.service - Docker Application Container EngineLoaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)Active: active (running) since 四 2019-05-09 20:34:14 CST; 2s agoDocs: https://docs.docker.comMain PID: 10703 (dockerd)Tasks: 12Memory: 115.2MCGroup: /system.slice/docker.service└─10703 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock5月 09 20:34:12 localhost.localdomain dockerd[10703]: time="2019-05-09T20:34:12.868837252+08:00" level=info msg="pickfirstBalancer: HandleSubConnStateChan...dule=grpc
5月 09 20:34:12 localhost.localdomain dockerd[10703]: time="2019-05-09T20:34:12.870357240+08:00" level=info msg="pickfirstBalancer: HandleSubConnStateChan...dule=grpc
5月 09 20:34:12 localhost.localdomain dockerd[10703]: time="2019-05-09T20:34:12.908366836+08:00" level=info msg="Graph migration to content-addressability... seconds"
5月 09 20:34:12 localhost.localdomain dockerd[10703]: time="2019-05-09T20:34:12.910649904+08:00" level=info msg="Loading containers: start."
5月 09 20:34:13 localhost.localdomain dockerd[10703]: time="2019-05-09T20:34:13.398820820+08:00" level=info msg="Default bridge (docker0) is assigned with... address"
5月 09 20:34:13 localhost.localdomain dockerd[10703]: time="2019-05-09T20:34:13.714647551+08:00" level=info msg="Loading containers: done."
5月 09 20:34:13 localhost.localdomain dockerd[10703]: time="2019-05-09T20:34:13.972128433+08:00" level=info msg="Docker daemon" commit=e8ff056 graphdriver...n=18.09.5
5月 09 20:34:13 localhost.localdomain dockerd[10703]: time="2019-05-09T20:34:13.972782738+08:00" level=info msg="Daemon has completed initialization"
5月 09 20:34:14 localhost.localdomain dockerd[10703]: time="2019-05-09T20:34:14.000438014+08:00" level=info msg="API listen on /var/run/docker.sock"
5月 09 20:34:14 localhost.localdomain systemd[1]: Started Docker Application Container Engine.
Hint: Some lines were ellipsized, use -l to show in full.
得知其service/usr/lib/systemd/system/docker.service文件位置及启动命令/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock。
编辑service文件
vim /usr/lib/systemd/system/docker.service
在启动命令后面追加--insecure-registry 192.168.196.96:18080,重新登录即可。
还有一位大神分享了另一种比较复杂的方式,参考部署私有Docker Registry
本人也根据此文成功部署,相关记录博客:CentOS7安装Docker-Registry
Docker生成镜像并推送至私服
编写Dockerfile
vim /usr/local/share/Dockerfile
FROM openjdk:8-jre
MAINTAINER yanwei
ENV JAVA_OPTS="-Xms128M -Xmx128M"
COPY *.jar images/app.jar
ENTRYPOINT [ "sh", "-c", "java $JAVA_OPTS -jar images/app.jar" ]
构建生成镜像
docker build -t hello-demo /usr/local/share
运行
docker run hello-demo
推送至私服
docker push hello-demo
参考
- Get Docker CE for CentOS
- docker批量删除容器、镜像
- docker push 出现:x509: certificate signed by unknown authority
