Docker守护程序标志被忽略 [英] Docker daemon flags ignored
问题描述
- 操作系统:debian 8.0.0-amd64,ubuntu-15.04、16.04
- Docker :1.xx
- OS: debian 8.0.0-amd64, ubuntu-15.04, 16.04
- Docker: 1.x.x
我更改了 / etc / default / docker
来添加一个私有Docker注册表,然后我重新启动了docker服务并最终尝试提取一些图像。
I changed /etc/default/docker
to add a private docker registry, then I restarted docker service and finally tried to pull some image.
$ cat /etc/default/docker
DOCKER_OPTS="--insecure-registry mydocker-registry.net:5000"
$ service docker restart
$ docker pull mydocker-registry.net:5000/testdb
FATA[0000] Error: v1 ping attempt failed with error: Get https://mydocker-
registry.net:5000/v1/_ping: dial tcp: lookup mydocker-registry.net: no
such host. If this private registry supports only HTTP or HTTPS with an
unknown CA certificate, please add `--insecure-registry mydocker-
registry.net:5000` to the daemon's arguments. In the case of HTTPS, if
you have access to the registry's CA certificate, no need for the flag;
simply place the CA certificate at /etc/docker/certs.d/mydocker-
registry.net:5000/ca.crt
A ps
输出不显示有关DOCKER_OPTS环境变量的任何信息。
A ps
output shows nothing about DOCKER_OPTS environment var.
$ ps auxwww|grep docker
root 6919 0.0 0.1 331076 19984 ? Ssl 10:14 0:00 /usr/bin/docker -d -H fd://
问题:
根据Docker文档,使用私有注册表的方式是通过 / etc / default / docker
。为什么这样做之后在此环境中不生效?
Question:
According to docker documentation the way to use a private registry is through DOCKER_OPTS in /etc/default/docker
. Why, after doing that, it does not take effect in this environment?
- DNS正确解析了私有注册表主机名。
推荐答案
推荐方式Docker 17.xx +
有很多方法可以为Docker守护程序配置守护程序标志和环境变量。 推荐方式是使用以下平台:独立的 daemon.json
文件,默认情况下位于Linux的 / etc / docker /
中。
Recommended Way Docker 17.xx +
There are a number of ways to configure the daemon flags and environment variables for your Docker daemon. The recommended way is to use the platform-independent daemon.json
file, which is located in /etc/docker/
on Linux by default.
因此,要配置不安全的注册表,请执行以下操作:
So, for configuring insecure registries, do the following:
-
设置以下内容
/etc/docker/daemon.json
文件中的标志:
{
"insecure-registries": ["mydocker-registry.net:5000"]
}
重新启动Docker
Restart Docker
$ sudo systemctl restart docker
每次都更容易!
根据码头工人文档,建议的配置守护程序标志和Docker守护程序的环境变量是使用 systemd 插入文件。
According to docker documentation, The recommended way to configure the daemon flags and environment variables for your Docker daemon is to use a systemd drop-in file.
因此,对于这种特定情况,请执行以下操作:
So, for this specific case, do the following:
-
创建一个名为
/etc/systemd/system/docker.service.d/private-registry.conf
的文件,其内容如下:
Create a file called
/etc/systemd/system/docker.service.d/private-registry.conf
with the following content:
如果不存在,则创建目录
/etc/systemd/system/docker.service.d
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd --insecure-registry mydocker-registry.net:5000
刷新更改:
Flush changes:
$ sudo systemctl daemon-reload
重新启动Docker:
Restart Docker:
$ sudo systemctl restart docker
Voila!
编辑文件 /lib/systemd/system/docker.service
...
[Service]
ExecStart=/usr/bin/docker -d -H fd:// $DOCKER_OPTS
...
EnvironmentFile=-/etc/default/docker
...
然后执行
systemctl daemon-reload
systemctl restart docker
验证是否已加载 / etc / default / docker
ps auxwww | grep docker
root 4989 0.8 0.1 265540 16608 ? Ssl 10:37 0:00 /usr/bin/docker -d -H fd:// --insecure-registry
就是这样。
这篇关于Docker守护程序标志被忽略的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!