拉取 Artifactory Docker 镜像
[英]Pull Artifactory Docker Images
问题描述
I downloaded artifactory 6.6.0 on remote desktop with ip (xxxx) and connect to port 8081.
我使用 ip (xxxx) 在远程桌面上下载了 artifactory 6.6.0 并连接到端口 8081。
I can connect to artifactory from my computer http://xxxx:8081/artifactory .我可以从我的电脑http://xxxx:8081/artifactory 连接到 artifactory 。 I have docker client on my computer but I don't have docker on remote desktop.我的计算机上有 docker 客户端,但远程桌面上没有 docker。
I have virtual docker repository named "docker".我有一个名为“docker”的虚拟 docker 存储库。
I want to login by docker client to my docker repository on artifactory -> "docker login " and then pull images in this repository.我想通过 docker 客户端登录到我在 artifactory -> “docker login” 上的 docker 存储库,然后将图像拉到这个存储库中。
How can I log in and pull images from artifactory?如何登录并从 artifactory 中提取图像? Notice I don't have SSL so I'm using HTTP.请注意,我没有 SSL,所以我使用的是 HTTP。
3 个解决方案
解决方案1
1 已采纳 2019-01-01 10:35:29
First: docker login related to Artifactory -> Configurations -> HTTP Settings I used "Docker access method" as "Repository path"第一:与Artifactory相关的docker登录 - >配置 - > HTTP设置我使用“Docker访问方法”作为“存储库路径”
docker login -u admin -p **** xxxx:8081 docker login -u admin -p **** xxxx:8081
Second: Since i use HTTP, this ip "xxxx:8081" should be added to "insecure-registries" in Docker client.第二:因为我使用 HTTP,这个 ip“xxxx:8081”应该添加到 Docker 客户端的“insecure-registries”。
or just add it to insecure registries in ~/.docker/config.json like below:或者只是将它添加到 ~/.docker/config.json 中的不安全注册表,如下所示:
{
"auths": {
"x.x.x.x:8081": {}
},
"HttpHeaders": {
"User-Agent": "Docker-Client/18.09.0 (windows)"
},
"credsStore": "wincred"
}
and then restart docker然后重启docker
解决方案2
0 2020-04-23 22:48:18
I don't know how it works when accessing the server with just an IP address... but if you use a hostname, you need to prefix it with the name of the repo.我不知道仅使用 IP 地址访问服务器时它是如何工作的……但是如果您使用主机名,则需要在其前面加上回购协议的名称。
Example:例子:
My Artifactory Enterprise server is at https://artifactory.mycompany.com我的 Artifactory Enterprise 服务器位于https://artifactory.mycompany.com
I can pull images with我可以拉图像
docker login repo1.artifactory.mycompany.com
docker pull repo1.artifactory.mycompany.com/myImage:latest
Dockerfile example: Dockerfile 示例:
FROM repo1.artifactory.mycompany.com/myImage:latest
(You will need to run docker login repo1.artifactory.mycompany.com before running docker build .) (在运行 docker docker build之前,您需要运行docker login repo1.artifactory.mycompany.com 。)
解决方案3
0 2020-04-25 00:22:51
There are different ways in which Docker can be configured to work with on the Artifactory side, these are: Docker 可以配置为在 Artifactory 端使用的不同方式,这些是:
- Repo Path Method回购路径方法
- Subdomain Method子域方法
- Port Method端口方法
Repo path is the method which this question is using, and for which we request the image by its full path eg回购路径是这个问题正在使用的方法,我们通过其完整路径请求图像,例如
docker pull / push <HOST>:8081/<REPOSITORY_KEY>/<IMAGE>:<TAG>
docker login <HOST>:8081
What is worth noting is that in order for this to work, we need to go to the HTTP Settings of Artifactory and set the Docker method to be "Repository Path" as otherwise certain Tomcat-level re-writes are not enabled and your login may not work.值得注意的是,为了让它工作,我们需要进入 Artifactory 的 HTTP 设置并将 Docker 方法设置为“Repository Path”,否则某些 Tomcat 级别的重写不会启用,您的登录可能会不行。
Subdomain replaces the repository name from being in the path to being in the subdomain as someone mentioned before was the case for them, eg子域将存储库名称从路径中替换为子域中,就像之前提到的那样,例如
docker pull / push <REPOSITORY_KEY>.<HOSTNAME>/<IMAGE>:<TAG>
docker login <REPOSITORY_KEY>.<HOSTNAME>
Port method is similar to the other two, but instead of removing the repository from the path to declare and prepending it to the hostname, we will use different ports to differentiate between repos eg端口方法与其他两个类似,但不是从路径中删除存储库来声明并将其添加到主机名之前,我们将使用不同的端口来区分存储库,例如
docker pull / push <HOST>:<REPOSITORY_PORT>/<IMAGE>:<TAG>
docker login <HOST>:<REPOSITORY_PORT>
The repository port would be defined in the re-writes at reverse proxy level, just the same as for the subdomain method.存储库端口将在反向代理级别的重写中定义,与子域方法相同。
The issue the question talks about is likely the insecure registry that was mentioned before, as docker needs to use HTTPS unless explicitely allowed to not do so.问题所讨论的问题可能是之前提到的不安全注册表,因为 docker 需要使用 HTTPS,除非明确允许不这样做。
For repository path method, if using SSL, make sure to use a wildcard certificate *.myhostname.com so that the different repositories can be connected to securely and not complain about the hostname not matching with the cert.对于存储库路径方法,如果使用 SSL,请确保使用通配符证书 *.myhostname.com 以便可以安全地连接到不同的存储库,而不会抱怨主机名与证书不匹配。
Clarification on some wording:澄清一些措辞:
Docker Image: What would be referred to as the group "namespace/repository:tag" in Docker terms. Docker Image:在 Docker 术语中称为“命名空间/存储库:标签”的组。 For example in docker pull docker-repo.myhostname.com/mycompany/ourapp:latest the image name would be mycompany/ourapp:latest例如在docker pull docker-repo.myhostname.com/mycompany/ourapp:latest中,图像名称将是mycompany/ourapp:latest
Repository: In Docker repository is what most people recognize as the image name, or in above example "ourapp".存储库:在 Docker 存储库中,大多数人认为是图像名称,或者在上面的示例中是“ourapp”。 What I refer to as repository most of the time, is what most people would call a registry.大多数时候我所说的存储库,就是大多数人所说的注册表。 The terminology gets confusing as Artifactory can hold many of these registries, and for most other technologies the naming convention tends to be to call them "repositories" at that level.由于 Artifactory 可以容纳许多这样的注册表,因此术语变得令人困惑,而对于大多数其他技术,命名约定往往是在该级别将它们称为“存储库”。 When talking about Artifactory and someone says "repository" it most likely refers to the registry as a whole.在谈论 Artifactory 时,有人说“存储库”,它很可能指的是整个注册表。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.