docker.io

Installation

# Install Docker from the distribution's own package (Ubuntu "docker.io").
# Alternative: Docker's own apt repository, described just below.
sudo apt-get install docker.io

ou

dans /etc/apt/sources.list :

# Docker's own apt repository (alternative to the distribution package).
# The URL is plain http; package integrity therefore rests entirely on the
# repository signing key imported with apt-key in the next step.
deb http://get.docker.io/ubuntu docker main

puis

# Import the repository signing key, refresh the package lists and install
# Docker's own package (lxc-docker) from the repository added above.
# The key is fetched by its full 40-hex fingerprint, which is what you want:
# a keyserver hands back whatever key carries the requested id and does not
# vouch for it, so the fingerprint must be the one Docker publishes.
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9
sudo apt-get update
sudo apt-get install lxc-docker

Installation sur MacOSX

Télécharger https://docs.docker.com/installation/mac/

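# boot2docker: on Mac OS X the Docker daemon runs inside a VirtualBox VM.
# 1. create the VM
boot2docker init
# 2. share /Users into the VM under the name "home" (presumably so host paths
#    under /Users can be bind-mounted into containers — confirm)
VBoxManage sharedfolder add boot2docker-vm -name home -hostpath /Users
# 3. start the VM
boot2docker start
# 4. point the docker client at the VM. `shellinit` prints `export` lines;
#    eval'ing them is the explicit form of the original `$(boot2docker shellinit)`,
#    which only worked by word-splitting that output into one `export` command.
eval "$(boot2docker shellinit)"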

Lister les images disponibles sur la machine

# List the images stored locally on this host.
docker images

Effacer une image

# Remove an image, either by name:tag or by its (short) image id.
docker rmi debian:7.4
docker rmi b5fe16f2ccba

Voir les conteneurs qui tournent

# Running containers only, then every container including stopped ones (-a).
docker ps
docker ps -a

Rechercher dans un registre

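# Query the private registry's v1 search API for "postgresql".
# The URL is quoted so the shell cannot treat "?" as a glob character
# (the original left it bare); "-X GET" was dropped as curl defaults to GET.
# This is plain http on the loopback address, with no authentication involved —
# fine for localhost, not a pattern to reuse against a remote registry.
curl 'http://localhost:5000/v1/search?q=postgresql'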

Passer le firewall

Activer le forward

# Allow the host to forward packets (presumably so container traffic can pass
# the host firewall — confirm). Edit /etc/default/ufw and set the line below.
sudo vim /etc/default/ufw
# NOTE: this is ufw's default for *all* forwarded traffic, not only Docker's
# bridge; if the host routes for other interfaces too, narrower forwarding
# rules are the safer alternative.
DEFAULT_FORWARD_POLICY="ACCEPT"
# Apply the new default.
sudo ufw reload

Pour accéder aux conteneurs de l’extérieur

# Opens TCP 2375, which is the Docker daemon's *unencrypted* remote API port,
# not a container port. Anyone who can reach that API can start arbitrary
# containers with host access, i.e. it is root on the host. Never expose it
# beyond a trusted network: restrict the source
# (e.g. `sudo ufw allow from <trusted-cidr> to any port 2375 proto tcp`)
# and/or run the daemon with TLS client authentication (conventionally 2376).
sudo ufw allow 2375/tcp

Pour la résolution DNS

# Give containers explicit resolvers (Google Public DNS here) by passing
# --dns to the daemon: edit /etc/default/docker.io and set DOCKER_OPTS.
sudo vim /etc/default/docker.io
DOCKER_OPTS="--dns 8.8.8.8 --dns 8.8.4.4"
# Host resolver configuration. NOTE(review): on systems where resolvconf or
# NetworkManager regenerates this file, manual edits are overwritten — confirm.
sudo vim /etc/resolv.conf
# NOTE(review): the two bare addresses below are not resolv.conf keywords
# (lines are expected as `nameserver <addr>`, `search …`, `options …`);
# presumably stray, or meant as `nameserver ::1` / `nameserver 127.0.0.1` —
# confirm before copying this file.
::1
127.0.0.1
nameserver 2001:4860:4860::8888
nameserver 2001:4860:4860::8844
nameserver 8.8.8.8
nameserver 8.8.4.4

Redémarrer les services

# Restart networking (resolver / forwarding changes) and the Docker daemon so
# the new DOCKER_OPTS take effect. Note that restarting the daemon typically
# takes running containers down with it.
sudo service networking restart
sudo service docker.io restart

Démarrer le registre

https://github.com/docker/docker-registry

# Pull the official registry image and run it.
docker pull registry
# -p 5000:5000 publishes the registry on every host interface, and in the
# standalone configuration used on this page the registry performs no
# authentication of its own. Only reach it from localhost (as the commands
# here do) or through the nginx front-end described further down; to bind
# to the loopback address only, use -p 127.0.0.1:5000:5000 instead.
docker run -p 5000:5000 registry

Enregistrer un conteneur dans le dépôt privé

Lister les conteneurs :

# Find the container to snapshot; its id is the first column of the output.
docker ps -a

Sauvegarder les changements :

# Snapshot container 123 (id taken from `docker ps -a`) as image neolao/debian.
docker commit 123 neolao/debian

Tagger le conteneur pour le dépôt privé :

# Tag the image with the private registry's host:port prefix; that prefix is
# what tells `docker push` which registry to send it to.
docker tag neolao/debian localhost:5000/debian

Et envoyer :

# Push to the private registry on localhost:5000 (plain http, loopback only).
docker push localhost:5000/debian

Gérer un registre privé

https://www.digitalocean.com/community/tutorials/how-to-set-up-a-private-docker-registry-on-ubuntu-14-04

Récupérer le projet

# Fetch the registry image (the docker-registry project linked above).
docker pull registry

Créer le fichier de configuration

# docker-registry configuration (config.yml). Every flavor below inherits
# `common` through a YAML merge key; the flavor in use is chosen with the
# SETTINGS_FLAVOR environment variable (see the end of the file).
# Values written `_env:NAME:default` are read from environment variable NAME
# and fall back to `default`; without a default the setting stays unset
# unless NAME is exported.
# All other flavors inherit the `common' config snippet
common: &common
    issue: '"docker-registry server"'
    # Default log level is info
    loglevel: _env:LOGLEVEL:info
    # Enable debugging (additional informations in the output of the _ping endpoint)
    debug: _env:DEBUG:false
    # By default, the registry acts standalone (eg: doesn't query the index)
    # Standalone also means the token auth mentioned below is not in play, so
    # the registry itself authenticates nobody; access control is left to
    # whatever sits in front of it (the nginx front-end on this page).
    standalone: _env:STANDALONE:true
    # The default endpoint to use (if NOT standalone) is index.docker.io
    index_endpoint: _env:INDEX_ENDPOINT:https://index.docker.io
    # Storage redirect is disabled
    storage_redirect: _env:STORAGE_REDIRECT
    # Token auth is enabled (if NOT standalone)
    disable_token_auth: _env:DISABLE_TOKEN_AUTH
    # No priv key
    privileged_key: _env:PRIVILEGED_KEY
    # No search backend
    search_backend: _env:SEARCH_BACKEND
    # SQLite search backend
    # NOTE(review): host-specific absolute path; presumably only used once a
    # search backend is enabled (none is by default), and inside the registry
    # container the path only exists if it is mounted — confirm.
    sqlalchemy_index_database: _env:SQLALCHEMY_INDEX_DATABASE:sqlite:////home/neolao/workspace/docker/registry/docker-registry.db

    # Mirroring is not enabled
    mirroring:
        source: _env:MIRROR_SOURCE # https://registry-1.docker.io
        source_index: _env:MIRROR_SOURCE_INDEX # https://index.docker.io
        tags_cache_ttl: _env:MIRROR_TAGS_CACHE_TTL:172800 # seconds

    # Redis cache; unset (disabled) unless the CACHE_REDIS_* variables are exported.
    cache:
        host: _env:CACHE_REDIS_HOST
        port: _env:CACHE_REDIS_PORT
        db: _env:CACHE_REDIS_DB:0
        password: _env:CACHE_REDIS_PASSWORD

    # Enabling LRU cache for small files
    # This speeds up read/write on small files
    # when using a remote storage backend (like S3).
    cache_lru:
        host: _env:CACHE_LRU_REDIS_HOST
        port: _env:CACHE_LRU_REDIS_PORT
        db: _env:CACHE_LRU_REDIS_DB:0
        password: _env:CACHE_LRU_REDIS_PASSWORD

    # Enabling these options makes the Registry send an email on each code Exception
    email_exceptions:
        smtp_host: _env:SMTP_HOST
        smtp_port: _env:SMTP_PORT:25
        smtp_login: _env:SMTP_LOGIN
        # Keep literal passwords out of this file; pass them through the environment.
        smtp_password: _env:SMTP_PASSWORD
        smtp_secure: _env:SMTP_SECURE:false
        from_addr: _env:SMTP_FROM_ADDR:docker-registry@localdomain.local
        to_addr: _env:SMTP_TO_ADDR:noise+dockerregistry@localdomain.local

    # Enable bugsnag (set the API key)
    bugsnag: _env:BUGSNAG

    # CORS support is not enabled by default
    cors:
        origins: _env:CORS_ORIGINS
        methods: _env:CORS_METHODS
        headers: _env:CORS_HEADERS:[Content-Type]
        expose_headers: _env:CORS_EXPOSE_HEADERS
        supports_credentials: _env:CORS_SUPPORTS_CREDENTIALS
        max_age: _env:CORS_MAX_AGE
        send_wildcard: _env:CORS_SEND_WILDCARD
        always_send: _env:CORS_ALWAYS_SEND
        automatic_options: _env:CORS_AUTOMATIC_OPTIONS
        vary_header: _env:CORS_VARY_HEADER
        resources: _env:CORS_RESOURCES

# Local filesystem storage. This is the flavor `dev` and `prod` build on.
local: &local
    <<: *common
    storage: local
    # Default host path; the `docker run` command on this page overrides it by
    # exporting STORAGE_PATH into the container.
    storage_path: _env:STORAGE_PATH:/home/sites/docker.neolao.com/storage

# Amazon S3 storage. Credentials come only from AWS_KEY / AWS_SECRET —
# never put literal values in this file.
s3: &s3
    <<: *common
    storage: s3
    s3_region: _env:AWS_REGION
    s3_bucket: _env:AWS_BUCKET
    boto_bucket: _env:AWS_BUCKET
    storage_path: _env:STORAGE_PATH:/registry
    s3_encrypt: _env:AWS_ENCRYPT:true
    s3_secure: _env:AWS_SECURE:true
    s3_access_key: _env:AWS_KEY
    s3_secret_key: _env:AWS_SECRET
    boto_host: _env:AWS_HOST
    boto_port: _env:AWS_PORT
    boto_calling_format: _env:AWS_CALLING_FORMAT

# Ceph Object Gateway Configuration
# See http://ceph.com/docs/master/radosgw/ for details on installing this service.
# Note the defaults differ from the s3 flavor: encryption and TLS are off here
# (AWS_ENCRYPT / AWS_SECURE default to false).
ceph-s3: &ceph-s3
    <<: *common
    storage: s3
    s3_region: ~
    s3_bucket: _env:AWS_BUCKET
    s3_encrypt: _env:AWS_ENCRYPT:false
    s3_secure: _env:AWS_SECURE:false
    storage_path: _env:STORAGE_PATH:/registry
    s3_access_key: _env:AWS_KEY
    s3_secret_key: _env:AWS_SECRET
    boto_bucket: _env:AWS_BUCKET
    boto_host: _env:AWS_HOST
    boto_port: _env:AWS_PORT
    boto_debug: _env:AWS_DEBUG:0
    boto_calling_format: _env:AWS_CALLING_FORMAT

# Google Cloud Storage Configuration
# See:
# https://developers.google.com/storage/docs/reference/v1/getting-startedv1#keys
# for details on access and secret keys.
gcs:
    <<: *common
    storage: gcs
    boto_bucket: _env:GCS_BUCKET
    storage_path: _env:STORAGE_PATH:/registry
    gs_secure: _env:GCS_SECURE:true
    gs_access_key: _env:GCS_KEY
    gs_secret_key: _env:GCS_SECRET
    # OAuth 2.0 authentication with the storage.
    # oauth2 can be set to true or false. If it is set to true, gs_access_key,
    # gs_secret_key and gs_secure are not needed.
    # Client ID and Client Secret must be set into OAUTH2_CLIENT_ID and
    # OAUTH2_CLIENT_SECRET environment variables.
    # See: https://developers.google.com/accounts/docs/OAuth2.
    oauth2: _env:GCS_OAUTH2:false

# This flavor is for storing images in Openstack Swift
swift: &swift
    <<: *common
    storage: swift
    storage_path: _env:STORAGE_PATH:/registry
    # keystone authorization
    swift_authurl: _env:OS_AUTH_URL
    swift_container: _env:OS_CONTAINER
    swift_user: _env:OS_USERNAME
    swift_password: _env:OS_PASSWORD
    swift_tenant_name: _env:OS_TENANT_NAME
    swift_region_name: _env:OS_REGION_NAME

# This flavor stores the images in Glance (to integrate with openstack)
# See also: https://github.com/docker/openstack-docker
glance: &glance
    <<: *common
    storage: glance
    storage_alternate: _env:GLANCE_STORAGE_ALTERNATE:file
    storage_path: _env:STORAGE_PATH:/tmp/registry

# Alias of the glance flavor.
openstack:
    <<: *glance

# This flavor stores the images in Glance (to integrate with openstack)
# and tags in Swift.
glance-swift: &glance-swift
    <<: *swift
    storage: glance
    storage_alternate: swift

# Alias of the glance-swift flavor.
openstack-swift:
    <<: *glance-swift

elliptics:
    <<: *common
    storage: elliptics
    elliptics_nodes: _env:ELLIPTICS_NODES
    elliptics_wait_timeout: _env:ELLIPTICS_WAIT_TIMEOUT:60
    elliptics_check_timeout: _env:ELLIPTICS_CHECK_TIMEOUT:60
    elliptics_io_thread_num: _env:ELLIPTICS_IO_THREAD_NUM:2
    elliptics_net_thread_num: _env:ELLIPTICS_NET_THREAD_NUM:2
    elliptics_nonblocking_io_thread_num: _env:ELLIPTICS_NONBLOCKING_IO_THREAD_NUM:2
    elliptics_groups: _env:ELLIPTICS_GROUPS
    elliptics_verbosity: _env:ELLIPTICS_VERBOSITY:4
    # NOTE(review): `/dev/stde` looks truncated (`/dev/stderr`?) — confirm.
    elliptics_logfile: _env:ELLIPTICS_LOGFILE:/dev/stde

# This is the default configuration when no flavor is specified
# Debug output and debug-level logging are on here. The `docker run` command
# on this page sets no SETTINGS_FLAVOR, so this is the flavor it actually runs.
dev: &dev
    <<: *local
    loglevel: _env:LOGLEVEL:debug
    debug: _env:DEBUG:true
    standalone: true
    #search_backend: _env:SEARCH_BACKEND:sqlalchemy

# This flavor is used by unit tests
test:
    <<: *dev
    index_endpoint: https://registry-stage.hub.docker.com
    standalone: true
    storage_path: _env:STORAGE_PATH:./tmp/test

# To specify another flavor, set the environment variable SETTINGS_FLAVOR
# $ export SETTINGS_FLAVOR=prod
# Inherits `local` unchanged: with storage_path commented out, the path is
# STORAGE_PATH if exported, else local's default above.
prod:
    <<: *local
    #storage_path: _env:STORAGE_PATH:/prod

Lancer

#!/bin/bash

# Start the registry container with its configuration taken from the host.
#   -p 5000:5000            publishes the registry on every host interface;
#                           TLS and authentication come only from the nginx
#                           front-end described below, so port 5000 itself
#                           should not be reachable from outside the host.
#   -v …:/registry-config   mounts the host directory holding config.yml
#                           (read-write; `:ro` would do for a config directory).
#   DOCKER_REGISTRY_CONFIG  tells the registry where that config file is.
#   STORAGE_PATH=/storage   overrides the flavor's storage_path, BUT nothing
#                           here mounts /storage, so unless the image declares
#                           a volume there, pushed layers live in the
#                           container's writable layer and are lost when the
#                           container is removed. TODO(review): add
#                           `-v <host-dir>:/storage` if persistence is intended.
# No SETTINGS_FLAVOR is exported, so the config's default flavor ("dev", with
# debug enabled) is the one that runs.
docker run \
    -p 5000:5000 \
    -v /home/sites/docker.neolao.com:/registry-config \
    -e DOCKER_REGISTRY_CONFIG=/registry-config/config.yml \
    -e STORAGE_PATH=/storage \
    registry

Authentification par nginx

# TLS-terminating reverse proxy in front of the registry on localhost:5000.
# HTTP basic auth is enforced for the whole server block (auth_basic below);
# only /v1/_ping opts out of it.
server {
    listen 443;

    root /home/sites/docker.neolao.com/www;
    index index.html index.htm;

    server_name docker.neolao.com;

    # NOTE(review): no ssl_protocols / ssl_ciphers directives are set, so the
    # installed nginx build's defaults apply — confirm they rule out SSLv3 and
    # weak cipher suites.
    ssl on;
    ssl_certificate         /home/sites/docker.neolao.com/ssl/server-combined.crt;
    ssl_certificate_key     /home/sites/docker.neolao.com/ssl/server.key;

    # disable any limits to avoid HTTP 413 for large image uploads
    client_max_body_size 0;

    proxy_set_header Host           $host;
    proxy_set_header X-Real-IP      $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    # Blank out the client's Authorization header before proxying: the basic
    # auth credentials are checked here and are not passed on to the registry.
    proxy_set_header Authorization  "";

    auth_basic            "Restricted";
    auth_basic_user_file  /home/sites/docker.neolao.com/htpasswd;

    location / {
        proxy_pass          http://localhost:5000;
    }
    # /v1: any authenticated user may read (GET/HEAD); only "neolao" may write.
    # $readonly collects one marker per condition — "A" = not neolao,
    # "B" = non-read method — so "AB" is a non-owner attempting a write.
    # (Chained `if` blocks are a known fragile spot in nginx; `map` is the
    # usual alternative if this grows.)
    location /v1 {
        if ($remote_user != "neolao") {
            set $readonly "A";
        }
        if ($request_method !~ ^(GET|HEAD)$) {
            set $readonly "${readonly}B";
        }
        # NOTE(review): the user is already authenticated at this point, so 403
        # would describe the refusal more precisely than 401.
        if ($readonly = "AB") {
            return 401;
        }
        proxy_pass          http://localhost:5000;
    }

    # The registry's _ping endpoint is deliberately reachable without credentials.
    location /v1/_ping {
        auth_basic off;
        proxy_pass          http://localhost:5000;
    }

    # No override here, so the server-level auth_basic still applies.
    location /v1/users {
        proxy_pass          http://localhost:5000;
    }

    access_log /home/sites/docker.neolao.com/logs/access.log combined;
}

Tester si l’authentification marche bien

# Log in through the nginx front-end (TLS on 443, basic auth against the
# htpasswd file). On success the client keeps the credentials in its local
# config file, so treat that file as a secret.
docker login docker.neolao.com

Lancer docker sans être root

Être dans le groupe docker

Se reconnecter ou lancer :

# Start a shell with the docker group active without logging out and back in.
# Membership in the docker group gives full control of the daemon, which is
# equivalent to root on the host — grant it as carefully as sudo access.
newgrp docker