2016-01-22 179 views
2

我目前正在運行註冊表碼頭容器和ngnix碼頭容器,類似於this setup以保護我的私人碼頭註冊表。我正在運行Jenkins,以便在Docker容器中自動構建我的應用程序,然後將容器推送到我的私人碼頭註冊表。使用憑證將圖像推送到私人碼頭註冊表

問題出在我需要推送圖像時。詹金斯(在一個容器中同時運行)執行包含以下步驟的shell腳本:

sudo docker run hello-world 
sudo docker tag -f hello-world localhost:5000/hello:latest 
sudo docker login -u username -p pass -e [email protected] localhost:5000/ 

sudo docker search localhost:5000/ 
sudo docker push localhost:5000/hello:latest 

然後構建失敗,出現以下的輸出:

Building in workspace /var/jenkins_home/jobs/HelloWorld/workspace [workspace] $ /bin/sh -xe /tmp/hudson6027890842360704977.sh 
+ sudo docker images 
REPOSITORY     TAG     IMAGE ID   CREATED    VIRTUAL SIZE 
registry     latest    e255d21840f8  2 days ago   422.9 MB 
jenkins      latest    fc39417bd5fb  13 days ago   708.2 MB 
nginx      latest    407195ab8b07  2 weeks ago   133.9 MB 
localhost:5000/hello  latest    0a6ba66e537a  3 months ago  960 B hello-world    latest    0a6ba66e537a  3 months ago  960 B 
+ sudo docker run hello-world 

Hello from Docker. This message shows that your installation appears to be working correctly. 

To generate this message, Docker took the following steps: 
1. The Docker client contacted the Docker daemon. 
2. The Docker daemon pulled the "hello-world" image from the Docker Hub. 
3. The Docker daemon created a new container from that image which runs the 
    executable that produces the output you are currently reading. 
4. The Docker daemon streamed that output to the Docker client, which sent it 
    to your terminal. 

To try something more ambitious, you can run an Ubuntu container with: $ docker run -it ubuntu bash 

Share images, automate workflows, and more with a free Docker Hub account: https://hub.docker.com 

For more examples and ideas, visit: https://docs.docker.com/userguide/ 

+ sudo docker tag -f hello-world localhost:5000/hello:latest 
+ sudo docker login -u username -p pass -e [email protected] localhost:5000/ 
WARNING: login credentials saved in /root/.docker/config.json Login Succeeded 
+ sudo docker search localhost:5000/ 
NAME   DESCRIPTION STARS  OFFICIAL AUTOMATED 
library/hello     0   

+ sudo docker push localhost:5000/hello:latest 
The push refers to a repository [localhost:5000/hello] (len: 1) 
Sending image list Pushing repository localhost:5000/hello (1 tags) 
b901d36b6f2f: Pushing 

Please login prior to push: 
Username (username): EOF 
Build step 'Execute shell' marked build as failure 
Finished: FAILURE 

換句話說,我能跑標記hello-world容器。我可以登錄到我的私人註冊表並搜索它。但是,如果我想推送自己的圖像,則需要再次進行驗證。

希望有人知道一個簡單的解決方案,到目前爲止我找不到自己的一個。我運行碼頭版本1.9.1,在Ubuntu 14.04.3 LTS上構建a34a1d5。

+0

即使您沒有https,也可能適用:https://github.com/docker/distribution/issues/719#issuecomment-157213022 – VonC

回答

1

我設法通過更改docker-compose.yml使用的github source代碼來創建工作設置,因此它使用註冊表v2(註冊表:2.2是精確的)而不是v1,並添加了以下內容路線nginx.conf文件:

location /v2 { 
     if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go).*\$") { 
     return 404; 
     } 
     auth_basic "Registry realm"; 
     auth_basic_user_file docker-registry.htpasswd; 

     add_header 'Docker-Distribution-Api-Version' $docker_distribution_api_version always; 

     proxy_pass       http://docker-registry; 
     proxy_set_header Host    $http_host; 
     proxy_set_header X-Real-IP   $remote_addr; 
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
     proxy_set_header X-Forwarded-Proto $scheme; 
     #proxy_set_header Authorization ''; 
     proxy_read_timeout     900;  
    } 

註冊V2 does not support searching the registry yet,所以我不得不從我的詹金斯建立以刪除命令。現在,當我開始一項新工作時,所有工作都會正常工作,並且您好世界的圖像被拉到,標記並推入(在登錄註冊表後)到我的私人註冊表中。

詹金斯控制檯輸出:

Building in workspace /var/jenkins_home/jobs/HelloWorld/workspace [workspace] $ /bin/sh -xe /tmp/hudson56731521101471087.sh 
+ sudo docker run hello-world 
Unable to find image 'hello-world:latest' locally 
latest: Pulling from library/hello-world 
b901d36b6f2f: Pulling fs layer 
0a6ba66e537a: Pulling fs layer 
b901d36b6f2f: Verifying Checksum 
b901d36b6f2f: Download complete 
0a6ba66e537a: Verifying Checksum 
0a6ba66e537a: Download complete 
b901d36b6f2f: Pull complete 
0a6ba66e537a: Pull complete 
Digest: sha256:8be990ef2aeb16dbcb9271ddfe2610fa6658d13f6dfb8bc72074cc1ca36966a7 
Status: Downloaded newer image for hello-world:latest 

Hello from Docker. This message shows that your installation appears to be working correctly. 

To generate this message, Docker took the following steps: 
1. The Docker client contacted the Docker daemon. 
2. The Docker daemon pulled the "hello-world" image from the Docker Hub. 
3. The Docker daemon created a new container from that image which runs the 
    executable that produces the output you are currently reading. 
4. The Docker daemon streamed that output to the Docker client, which sent it 
    to your terminal. 

To try something more ambitious, you can run an Ubuntu container with: $ docker run -it ubuntu bash 

Share images, automate workflows, and more with a free Docker Hub account: https://hub.docker.com 

For more examples and ideas, visit: https://docs.docker.com/userguide/ 

+ sudo docker tag -f hello-world localhost:5000/hello-world:latest 
+ sudo docker login -u username -p pass -e [email protected] localhost:5000/ 
WARNING: login credentials saved in /root/.docker/config.json Login Succeeded  
Login Succeeded 

+ sudo docker push localhost:5000/hello-world:latest 
The push refers to a repository [localhost:5000/hello-world] (len: 1) 
Sending image list Pushing repository localhost:5000/hello-world (1 tags) 
0a6ba66e537a: Preparing 
0a6ba66e537a: Pushing 
0a6ba66e537a: Pushed 
b901d36b6f2f: Preparing 
b901d36b6f2f: Pushing 
b901d36b6f2f: Pushed 
latest: digest: sha256:1c7adb1ac65df0bebb40cd4a84533f787148b102684b74cb27a1982967008e4b size: 2744 
Finished: SUCCESS 

雖然我現在有一個工作的設置,我還沒有發現與使用註冊表V1的問題的解決方案。

相關問題