自建 Docker 镜像加速服务
在部署 Docker 容器时,面临的一个主要问题是镜像下载,许多镜像存储在 Docker Hub 仓库中,然而由于国内的网络防火墙(GFW)的影响,无法直接访问该网站。在这种情况下,我们需要搭建一个 Docker 镜像加速服务。本文将介绍如何通过 Docker Compose 部署 Docker-Proxy,实现 Docker 镜像的加速。
准备工作
购买一台国外的云服务器并且没有被墙,用来搭建docker镜像仓库代理服务
安装部署 Docker 和 Docker Compose
准备一个域名,安装 nginx proxy manager,配置域名和证书,然后反代我们的 Registry 容器服务(可选)
快速部署
⚠️ 注意: 默认配置包含了所有 9 个镜像仓库的加速服务。建议只保留你实际需要的仓库,删除不需要的服务配置以减少资源占用和安全风险。
获取配置文件
从项目的 config 目录下载对应的 registry 配置文件( registry-xxx.yml )到本地
创建部署文件
创建 docker-compose.yml 文件,与下载的配置文件放在同一目录下:
services:
## docker hub
dockerhub:
container_name: reg-docker-hub
image: dqzboy/registry:latest
restart: always
environment:
- OTEL_TRACES_EXPORTER=none
#- http=http://host:port
#- https=http://host:port
volumes:
- ./registry/data:/var/lib/registry
- ./registry-hub.yml:/etc/distribution/config.yml
#- ./htpasswd:/auth/htpasswd
ports:
- 51000:5000
networks:
- registry-net
## ghcr.io
ghcr:
container_name: reg-ghcr
image: dqzboy/registry:latest
restart: always
environment:
- OTEL_TRACES_EXPORTER=none
#- http=http://host:port
#- https=http://host:port
volumes:
- ./registry/data:/var/lib/registry
- ./registry-ghcr.yml:/etc/distribution/config.yml
#- ./htpasswd:/auth/htpasswd
ports:
- 52000:5000
networks:
- registry-net
## gcr.io
gcr:
container_name: reg-gcr
image: dqzboy/registry:latest
restart: always
environment:
- OTEL_TRACES_EXPORTER=none
#- http=http://host:port
#- https=http://host:port
volumes:
- ./registry/data:/var/lib/registry
- ./registry-gcr.yml:/etc/distribution/config.yml
#- ./htpasswd:/auth/htpasswd
ports:
- 53000:5000
networks:
- registry-net
## k8s.gcr.io
k8sgcr:
container_name: reg-k8s-gcr
image: dqzboy/registry:latest
restart: always
environment:
- OTEL_TRACES_EXPORTER=none
#- http=http://host:port
#- https=http://host:port
volumes:
- ./registry/data:/var/lib/registry
- ./registry-k8sgcr.yml:/etc/distribution/config.yml
#- ./htpasswd:/auth/htpasswd
ports:
- 54000:5000
networks:
- registry-net
## registry.k8s.io
k8s:
container_name: reg-k8s
image: dqzboy/registry:latest
restart: always
environment:
- OTEL_TRACES_EXPORTER=none
#- http=http://host:port
#- https=http://host:port
volumes:
- ./registry/data:/var/lib/registry
- ./registry-k8s.yml:/etc/distribution/config.yml
#- ./htpasswd:/auth/htpasswd
ports:
- 55000:5000
networks:
- registry-net
## quay.io
quay:
container_name: reg-quay
image: dqzboy/registry:latest
restart: always
environment:
- OTEL_TRACES_EXPORTER=none
#- http=http://host:port
#- https=http://host:port
volumes:
- ./registry/data:/var/lib/registry
- ./registry-quay.yml:/etc/distribution/config.yml
#- ./htpasswd:/auth/htpasswd
ports:
- 56000:5000
networks:
- registry-net
## mcr.microsoft.com
mcr:
container_name: reg-mcr
image: dqzboy/registry:latest
restart: always
environment:
- OTEL_TRACES_EXPORTER=none
#- http=http://host:port
#- https=http://host:port
volumes:
- ./registry/data:/var/lib/registry
- ./registry-mcr.yml:/etc/distribution/config.yml
#- ./htpasswd:/auth/htpasswd
ports:
- 57000:5000
networks:
- registry-net
## docker.elastic.co
elastic:
container_name: reg-elastic
image: dqzboy/registry:latest
restart: always
environment:
- OTEL_TRACES_EXPORTER=none
#- http=http://host:port
#- https=http://host:port
volumes:
- ./registry/data:/var/lib/registry
- ./registry-elastic.yml:/etc/distribution/config.yml
#- ./htpasswd:/auth/htpasswd
ports:
- 58000:5000
networks:
- registry-net
## nvcr.io
nvcr:
container_name: reg-nvcr
image: dqzboy/registry:latest
restart: always
environment:
- OTEL_TRACES_EXPORTER=none
#- http=http://host:port
#- https=http://host:port
volumes:
- ./registry/data:/var/lib/registry
- ./registry-nvcr.yml:/etc/distribution/config.yml
#- ./htpasswd:/auth/htpasswd
ports:
- 59000:5000
networks:
- registry-net
## UI
registry-ui:
container_name: registry-ui
image: dqzboy/docker-registry-ui:latest
environment:
- DOCKER_REGISTRY_URL=http://reg-docker-hub:5000
# [必须]使用 openssl rand -hex 16 生成唯一值
- SECRET_KEY_BASE=9f18244a1e1179fa5aa4a06a335d01b2
# 启用Image TAG 的删除按钮
- ENABLE_DELETE_IMAGES=true
- NO_SSL_VERIFICATION=true
restart: always
ports:
- 50000:8080
networks:
- registry-net
networks:
registry-net:启动服务
在 docker-compose.yml 文件所在目录执行:
# 使用 Docker Compose V2
docker compose up -d
# 或使用 Docker Compose V1
docker-compose up -d
阅读建议
评论
匿名评论
隐私政策
你无需删除空行,直接评论以获取最佳展示效果
