自建 Docker 镜像加速服务
在部署 Docker 容器时,面临的一个主要问题是镜像下载,许多镜像存储在 Docker Hub 仓库中,然而由于国内的网络防火墙(GFW)的影响,无法直接访问该网站。在这种情况下,我们需要搭建一个 Docker 镜像加速服务。本文将介绍如何通过 Docker Compose 部署 Docker-Proxy,实现 Docker 镜像的加速。
准备工作
购买一台国外的云服务器并且没有被墙,用来搭建docker镜像仓库代理服务
安装部署 Docker 和 Docker Compose
准备一个域名,安装 nginx proxy manager,配置域名和证书,然后反代我们的 Registry 容器服务
快速部署
⚠️ 注意: 你需要对哪个镜像仓库进行加速,就下载哪个配置。
docker-compose.yml文件默认是部署所有的国外镜像仓库的加速服务,同样也是你部署哪个就配置哪个,其余的删除掉即可!
下载 config 目录下对应的yml文件到你本地机器
创建
docker-compose.yml文件,并且与配置文件同级目录下services: ## docker hub dockerhub: container_name: reg-docker-hub image: dqzboy/registry:latest restart: always environment: - OTEL_TRACES_EXPORTER=none #- http=http://host:port #- https=http://host:port volumes: - ./registry/data:/var/lib/registry - ./registry-hub.yml:/etc/distribution/config.yml #- ./htpasswd:/auth/htpasswd ports: - 51000:5000 networks: - registry-net ## ghcr.io ghcr: container_name: reg-ghcr image: dqzboy/registry:latest restart: always environment: - OTEL_TRACES_EXPORTER=none #- http=http://host:port #- https=http://host:port volumes: - ./registry/data:/var/lib/registry - ./registry-ghcr.yml:/etc/distribution/config.yml #- ./htpasswd:/auth/htpasswd ports: - 52000:5000 networks: - registry-net ## gcr.io gcr: container_name: reg-gcr image: dqzboy/registry:latest restart: always environment: - OTEL_TRACES_EXPORTER=none #- http=http://host:port #- https=http://host:port volumes: - ./registry/data:/var/lib/registry - ./registry-gcr.yml:/etc/distribution/config.yml #- ./htpasswd:/auth/htpasswd ports: - 53000:5000 networks: - registry-net ## k8s.gcr.io k8sgcr: container_name: reg-k8s-gcr image: dqzboy/registry:latest restart: always environment: - OTEL_TRACES_EXPORTER=none #- http=http://host:port #- https=http://host:port volumes: - ./registry/data:/var/lib/registry - ./registry-k8sgcr.yml:/etc/distribution/config.yml #- ./htpasswd:/auth/htpasswd ports: - 54000:5000 networks: - registry-net ## registry.k8s.io k8s: container_name: reg-k8s image: dqzboy/registry:latest restart: always environment: - OTEL_TRACES_EXPORTER=none #- http=http://host:port #- https=http://host:port volumes: - ./registry/data:/var/lib/registry - ./registry-k8s.yml:/etc/distribution/config.yml #- ./htpasswd:/auth/htpasswd ports: - 55000:5000 networks: - registry-net ## quay.io quay: container_name: reg-quay image: dqzboy/registry:latest restart: always environment: - OTEL_TRACES_EXPORTER=none #- http=http://host:port #- https=http://host:port volumes: - ./registry/data:/var/lib/registry - ./registry-quay.yml:/etc/distribution/config.yml #- ./htpasswd:/auth/htpasswd ports: - 56000:5000 networks: - registry-net ## mcr.microsoft.com mcr: container_name: reg-mcr image: dqzboy/registry:latest restart: always environment: - OTEL_TRACES_EXPORTER=none #- http=http://host:port #- https=http://host:port volumes: - ./registry/data:/var/lib/registry - ./registry-mcr.yml:/etc/distribution/config.yml #- ./htpasswd:/auth/htpasswd ports: - 57000:5000 networks: - registry-net ## docker.elastic.co elastic: container_name: reg-elastic image: dqzboy/registry:latest restart: always environment: - OTEL_TRACES_EXPORTER=none #- http=http://host:port #- https=http://host:port volumes: - ./registry/data:/var/lib/registry - ./registry-elastic.yml:/etc/distribution/config.yml #- ./htpasswd:/auth/htpasswd ports: - 58000:5000 networks: - registry-net ## nvcr.io nvcr: container_name: reg-nvcr image: dqzboy/registry:latest restart: always environment: - OTEL_TRACES_EXPORTER=none #- http=http://host:port #- https=http://host:port volumes: - ./registry/data:/var/lib/registry - ./registry-nvcr.yml:/etc/distribution/config.yml #- ./htpasswd:/auth/htpasswd ports: - 59000:5000 networks: - registry-net ## UI registry-ui: container_name: registry-ui image: dqzboy/docker-registry-ui:latest environment: - DOCKER_REGISTRY_URL=http://reg-docker-hub:5000 # [必须]使用 openssl rand -hex 16 生成唯一值 - SECRET_KEY_BASE=9f18244a1e1179fa5aa4a06a335d01b2 # 启用Image TAG 的删除按钮 - ENABLE_DELETE_IMAGES=true - NO_SSL_VERIFICATION=true restart: always ports: - 50000:8080 networks: - registry-net networks: registry-net:执行
docker compose或docker-compose命令启动容器服务docker compose up -d如果你对 nginx proxy manager 或 Nginx 不熟悉,那么你可以使用你熟悉的服务进行代理。也可以直接通过IP+端口的方式访问
阅读建议
评论
匿名评论
隐私政策
你无需删除空行,直接评论以获取最佳展示效果