简体繁体 English

镜像私有Docker注册表

[英]Mirroring private docker registry

原文 2015-04-27 15:49:19 6 2 docker/ docker-registry

What is currently the recommended way to mirror a Private Docker Registry? 目前建议镜像私有Docker注册中心的方法是什么？

Mirroring functionality is provided by official docker-registry image but only for the Public Registry. 镜像功能由官方docker-registry映像提供，但仅适用于公共注册表。 See documentation : "Beware that mirroring only works for the public registry. You can not create a mirror for a private registry." 请参阅文档：“请注意，镜像仅适用于公共注册表。您不能为私有注册表创建镜像。”

My use-case: A bigger development team that is working in an office with a limited network. 我的用例：一个更大的开发团队，在网络有限的办公室工作。 They only pull docker images from registries. 他们仅从注册表中提取docker映像。 Pushing is occasional and handled by Jenkins box hosted in AWS. 推送偶尔是由AWS托管的Jenkins box处理的。 Most of the images they use resides in our password protected Private Registry (served over https). 他们使用的大多数图像都位于我们受密码保护的专用注册表中（通过https提供）。 So it's only natural to mirror/cache the Registry on a machine in a local network. 因此，将注册表镜像/缓存到本地网络中的计算机上是很自然的。 If not for https I would just go for HTTP_PROXY and local squid install. 如果不使用https，我将只进行HTTP_PROXY和本地squid安装。

I'm sure I'm not the only one solving docker dev bandwidth problem. 我确定我不是唯一一个解决docker dev带宽问题的人。 What do you do? 你是做什么？

2 个解决方案

It is now possible to do this with the "proxy" settings in the configuration for a V2 registry. 现在可以使用V2注册表配置中的“代理”设置来执行此操作。 Just put up another registry (on a different server/port from any other private registry you have) and on every docker engine, set the '--registry-mirror' flag to point to it. 只需建立另一个注册表（与您拥有的任何其他私有注册表在不同的服务器/端口上），并在每个docker引擎上，将“ --registry-mirror”标志设置为指向它。

Just watch out for accidental pushes - always retag your images to the private registry or a private repository if you wish to keep them private. 只需当心意外的推送-如果您希望将图像保留为私有，请务必将图像重新标记到私有注册表或私有存储库中。

Right now, I would recommend using the (new) golang registry ( https://github.com/docker/distribution ) instead of the (v1) python one, and go with the proxy solution (using HTTP_PROXY + a reverse proxy cache - squid, or whatever else pleases your tastes - I would probably use varnish). 现在，我建议您使用（新）golang注册表（ https://github.com/docker/distribution ）代替（v1）python注册表，并使用代理解决方案（使用HTTP_PROXY +反向代理缓存-鱿鱼，或其他任何讨您喜欢的口味-我可能会使用清漆）。

Native support for "mirroring" built into the registry itself will come eventually, and later more flexible transports. 最终将提供对注册表本身内置的“镜像”的本地支持，并在以后提供更灵活的传输方式。