注意:如下解决方案,只能解决pull的问题,不能解决push的问题,方案请参考:解决docker push问题

Docker 1.7版本和Docker CE的配置文件的位置是不同的

  • Docker 1.7版本 /etc/sysconfig/docker
  • Docker CE版本使用 /etc/docker/daemon.json

使用docker 1.7版本如果要pull docker registry v2或者harbor里的镜像,如果没有配置CA证书的话,需要配置insecure-registry,并且需要将这个参数加到docker daemon的启动参数里。配置步骤:

Docker 1.7解决办法

setp 1 配置DOCKER_OPTS参数

[root@123 ] # vi /etc/sysconfig/docker
other_args=
DOCKER_CERT_PATH=/etc/docker

## add 
DOCKER_OPTS="--insecure-registry ip:port"

save之后

setp 2 修改启动项

[root@123 ] # vi /etc/init.d/docker
## 找到 start 函数,在exec处增加 刚配置的DOCKER_OPTS,参见下边空行处
start() {
    if [ ! -x $exec ]; then
      if [ ! -e $exec ]; then
        echo "Docker executable $exec not found"
      else
        echo "You do not have permission to execute the Docker executable $exec"
      fi
      exit 5
    fi

    check_for_cleanup

    if ! [ -f $pidfile ]; then
        prestart
        printf "Starting $prog:\t"
        echo "\n$(date)\n" >> $logfile

        ## add DOCKER_OPTS
        $exec -d $DOCKER_OPTS &>> $logfile &

        pid=$!
        touch $lockfile
        # wait up to 10 seconds for the pidfile to exist.  see
        # https://github.com/docker/docker/issues/5359
        tries=0
        while [ ! -f $pidfile -a $tries -lt 10 ]; do
            sleep 1
            tries=$((tries + 1))
        done
        success
        echo
    else
        failure
        echo
        printf "$pidfile still exists...\n"
        exit 7
    fi
}

setp 3 重启docker

[root@123 ] # service docker restart

setp 4 验证是否可以pull

Another way

不这么费事,直接修改启动项,原理和结果都是相同的

[root@123 ] # vi /etc/init.d/docker
## 找到exec,直接添加--insecure-registry ip:port
prog="docker"
exec="/usr/bin/$prog --insecure-registry ip:port"
pidfile="/var/run/$prog.pid"
lockfile="/var/lock/subsys/$prog"
logfile="/var/log/$prog"

然后重启docker daemon

Docker CE版本

检查/etc/docker目录下是否有daemon.json文件,如果没有则创建,或者直接vi /etc/docker/daemon.json修改完在:wq也行

[root@123 ] # vi /etc/docker/daemon.json

## add 
{
  "registry-mirrors": ["https://registry.docker-cn.com"],
  "insecure-registries" : ["ip:port","ip:port"]
}

添加完成后重启docker服务service docker restart

Docker 1.13.1 pull 问题

表象就是pull 自己搭建的镜像是提示V1 V2的错误。然后配置了/etc/docker/daemon.json了,也配置了insecure-registries。然后重启systemctl restart docker出现错误了:

[root@localhost docker]# systemctl restart docker
Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xe" for details.

查看journalctl --no-pager

Apr 20 04:59:27 localhost.localdomain systemd[1]: Started Docker Application Container Engine.
Apr 20 05:00:00 localhost.localdomain systemd[1]: Starting Docker Cleanup...
Apr 20 05:00:00 localhost.localdomain systemd[1]: Started Docker Cleanup.
Apr 20 05:00:01 localhost.localdomain systemd[1]: Created slice User Slice of root.
Apr 20 05:00:01 localhost.localdomain systemd[1]: Starting User Slice of root.
Apr 20 05:00:01 localhost.localdomain systemd[1]: Started Session 7 of user root.
Apr 20 05:00:01 localhost.localdomain CROND[30810]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Apr 20 05:00:01 localhost.localdomain systemd[1]: Starting Session 7 of user root.
Apr 20 05:00:01 localhost.localdomain systemd[1]: Removed slice User Slice of root.
Apr 20 05:00:01 localhost.localdomain systemd[1]: Stopping User Slice of root.
Apr 20 05:00:16 localhost.localdomain polkitd[669]: Registered Authentication Agent for unix-process:30986:300800 (system bus name :1.79 [/usr/bin/pkttyagent --notify-fd 5 --fallback], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
Apr 20 05:00:16 localhost.localdomain systemd[1]: Stopping Docker Application Container Engine...
Apr 20 05:00:16 localhost.localdomain dockerd-current[30297]: time="2018-04-20T05:00:16.148690884+08:00" level=info msg="Processing signal 'terminated'"
Apr 20 05:00:16 localhost.localdomain dockerd-current[30297]: time="2018-04-20T05:00:16.180397672+08:00" level=info msg="stopping containerd after receiving terminated"
Apr 20 05:00:17 localhost.localdomain systemd[1]: Starting Docker Storage Setup...
Apr 20 05:00:17 localhost.localdomain systemd[1]: Started Docker Storage Setup.
Apr 20 05:00:17 localhost.localdomain systemd[1]: Starting Docker Application Container Engine...
Apr 20 05:00:17 localhost.localdomain dockerd-current[31044]: unable to configure the Docker daemon with file /etc/docker/daemon.json: the following directives are specified both as a flag and in the configuration file: insecure-registries: (from flag: [gcr.io], from file: [192.168.1.130:5000])
Apr 20 05:00:17 localhost.localdomain systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
Apr 20 05:00:17 localhost.localdomain polkitd[669]: Unregistered Authentication Agent for unix-process:30986:300800 (system bus name :1.79, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
Apr 20 05:00:17 localhost.localdomain systemd[1]: Failed to start Docker Application Container Engine.
Apr 20 05:00:17 localhost.localdomain systemd[1]: Unit docker.service entered failed state.
Apr 20 05:00:17 localhost.localdomain systemd[1]: docker.service failed.

关键是这一句unable to configure the Docker daemon with file /etc/docker/daemon.json: the following directives are specified both as a flag and in the configuration file: insecure-registries: (from flag: [gcr.io], from file: [192.168.1.130:5000])看来还是配置有问题。于是删除了daemon.json里的insecure-registries配置。重启docker,好使。
然后又查看了docker的版本 docker info,原来是1.13.1版本的。看来还得参考最上边的解决方法

问题又来了,在/etc/init.d/下边,找不到docker,全系统里也没找到docker启动的配置函数,有知道的大侠望不吝赐教。
最终通过修改/etc/sysconfig/docker,有这么一段

# /etc/sysconfig/docker

# Modify these options if you want to change the way the docker daemon runs
OPTIONS='--selinux-enabled=false --log-driver=journald --signature-verification=false --insecure-registry gcr.io'
if [ -z "${DOCKER_CERT_PATH}" ]; then
    DOCKER_CERT_PATH=/etc/docker
fi

既然是 Modify these options if you want to change the way the docker daemon runs,那就在OPTIONS后边加上OPTIONS='--selinux-enabled=false --log-driver=journald --signature-verification=false --insecure-registry gcr.io --insecure-registry ip:port'

在重启docker服务,就好使了

# docker
Logo
向您推荐>>Eolink开发者社区

权威|前沿|技术|干货|国内首个API全生命周期开发者社区

更多推荐

ELK实现containerd的容器日志采集展示【基于logging的全栈监测】

企业级ELK Stack构建介绍

avatar 云原生

深入理解 Mocha 测试框架:从零实现一个 Mocha

前言什么是自动化测试自动化测试在很多团队中都是Devops环节中很难执行起来的一个环节,主要原因在于测试代码的编写工作很难抽象,99%的场景都需要和业务强绑定,而且写测试代码的编写工作量往往比编写实际业务代码的工作量更多。在一些很多业务场景中投入产出比很低,适合写自动化测试的应该是那些中长期业务以及一些诸如组件一样的基础库。自动化测试是个比较大的概念,其中分类也比较多,比如单元测试,端对端测试,集

avatar 云原生

(20200916 Solved)docker-compose up创建容器自动退出

问题描述如题,创建容器后自动退出了。并且docker start container无效解决方案原因是缺失了控制终端的配置,需要在docker-compose.yml中增加tty:true ,有时候这样也不行,需要再增加一个command:/bin/bash,命令不一定是这个,需要是一个不会退出的命令,然后用-d后台启动容器。Referencesdocker-compose启动容器后自动退出...

avatar 云原生