docker 下载官方的镜像很慢,第三方的镜像随时可能会被取消,还是自力更生的方案最可靠。
经过多种方案比较,感觉最靠谱的还是 双重 nexus 缓存模式。
docker pull --> registry.domain.com --> nexus-sg.domain.com
具体说来,用户 拉取 registry.domain.com 这个镜像仓库,他在往后端拉取相应的镜像文件。
创建 repositories ,类型为 docker proxx: docker-io
创建 repositories ,类型为 docker group: docker-group, 监听 http 8083,并把 docker-io加进来。
nginx 把 registry.domain.com 指向 x.x.x.x:8083
以下配置为 mirror 模式,权当记录。
#cat docker-compose.yaml
version: "2"
services:
dockerhub:
image: registry:2
restart: always
volumes:
- "/data/registry/dockerhub:/var/lib/registry"
ports:
- "5001:5001"
environment:
- REGISTRY_HTTP_ADDR=0.0.0.0:5001
- PROXY_REMOTE_URL=https://registry-1.docker.io
- DELETE_ENABLED=true
quay:
image: registry:2
restart: always
volumes:
- "/data/registry/quay:/var/lib/registry"
ports:
- "5002:5002"
environment:
- REGISTRY_HTTP_ADDR=0.0.0.0:5002
- PROXY_REMOTE_URL=https://quay.io
k8s:
image: registry:2
restart: always
volumes:
- "/data/registry/k8s:/var/lib/registry"
ports:
- "5003:5003"
environment:
- REGISTRY_HTTP_ADDR=0.0.0.0:5003
- PROXY_REMOTE_URL=https://k8s.gcr.io
gcr:
image: registry:2
restart: always
volumes:
- "/data/registry/gcr:/var/lib/registry"
ports:
- "5004:5004"
environment:
- REGISTRY_HTTP_ADDR=0.0.0.0:5004
- PROXY_REMOTE_URL=https://gcr.io
#cat k8spull.sh
s=$(kubeadm config images list)
n=$(echo $s | sed -r 's,k8s.gcr.io/,,g')
for i in $n; do docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/$i ; docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/$i k8s.gcr.io/$i ;
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/$i gcr.azk8s.cn/google_containers/$i;
done
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.18.1
registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.2
k8s.gcr.io/pause-amd64:3.2
gcr.io/google_containers/pause-amd64:3.2
k8s.gcr.io ==> gcr.azk8s.cn/google-containers
quay.io ==> quay.azk8s.cn
dockerhub ==> dockerhub.azk8s.cn
redis:5.0 ==> dockerhub.azk8s.cn/library/redis:5.0
helm init --stable-repo-url http://mirror.azure.cn/kubernetes/charts/
网友评论