Docker 守护进程标志被忽略 [英] Docker daemon flags ignored

查看:16
本文介绍了Docker 守护进程标志被忽略的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

  • 操作系统:debian 8.0.0-amd64、ubuntu-15.04、16.04
  • Docker:1.x.x
  • OS: debian 8.0.0-amd64, ubuntu-15.04, 16.04
  • Docker: 1.x.x

我更改了 /etc/default/docker 以添加私有 docker 注册表,然后我重新启动了 docker 服务并最终尝试拉取一些图像.

I changed /etc/default/docker to add a private docker registry, then I restarted docker service and finally tried to pull some image.

$ cat /etc/default/docker
DOCKER_OPTS="--insecure-registry mydocker-registry.net:5000"

$ service docker restart

$ docker pull mydocker-registry.net:5000/testdb
FATA[0000] Error: v1 ping attempt failed with error: Get https://mydocker-
registry.net:5000/v1/_ping: dial tcp: lookup mydocker-registry.net: no 
such host. If this private registry supports only HTTP or HTTPS with an 
unknown CA certificate, please add `--insecure-registry mydocker-
registry.net:5000` to the daemon's arguments. In the case of HTTPS, if 
you have access to the registry's CA certificate, no need for the flag; 
simply place the CA certificate at /etc/docker/certs.d/mydocker-
registry.net:5000/ca.crt

ps 输出没有显示 DOCKER_OPTS 环境变量.

A ps output shows nothing about DOCKER_OPTS environment var.

$ ps auxwww|grep docker
root  6919   0.0   0.1   331076   19984 ? Ssl 10:14   0:00 /usr/bin/docker -d -H fd://

问题:

根据 docker 文档,使用私有注册表的方式是通过 /etc/default/docker 中的 DOCKER_OPTS.为什么做了之后,在这个环境下没有生效?

Question:

According to docker documentation the way to use a private registry is through DOCKER_OPTS in /etc/default/docker. Why, after doing that, it does not take effect in this environment?

  • DNS 正确解析私有注册表主机名.

推荐答案

推荐方式 Docker 17.xx +

有多种方法可以为 Docker 守护程序配置守护程序标志和环境变量.推荐方式是使用平台-独立的daemon.json文件,Linux默认位于/etc/docker/.

Recommended Way Docker 17.xx +

There are a number of ways to configure the daemon flags and environment variables for your Docker daemon. The recommended way is to use the platform-independent daemon.json file, which is located in /etc/docker/ on Linux by default.

因此,要配置不安全的注册表,请执行以下操作:

So, for configuring insecure registries, do the following:

  1. /etc/docker/daemon.json 文件中设置以下标志:

  1. Set the following flag in the /etc/docker/daemon.json file:

{
    "insecure-registries": ["mydocker-registry.net:5000"]
}

  • 重启 Docker

  • Restart Docker 

     $ sudo systemctl restart docker

    • 每次都更轻松!

    根据docker 文档,配置守护进程标志和环境的推荐方式Docker 守护程序的变量是使用 systemd drop-in 文件.

    According to docker documentation, The recommended way to configure the daemon flags and environment variables for your Docker daemon is to use a systemd drop-in file.

    因此,对于这种特定情况,请执行以下操作:

    So, for this specific case, do the following:

    1. 创建一个名为 /etc/systemd/system/docker.service.d/private-registry.conf 的文件,其内容如下:

    1. Create a file called /etc/systemd/system/docker.service.d/private-registry.conf with the following content:

    如果不存在,则创建目录/etc/systemd/system/docker.service.d

    If not exists, create directory /etc/systemd/system/docker.service.d

    [Service]
ExecStart=
ExecStart=/usr/bin/dockerd --insecure-registry mydocker-registry.net:5000

  • 刷新更改:

  • Flush changes:

    $ sudo systemctl daemon-reload

  • 重启 Docker:

  • Restart Docker:

     $ sudo systemctl restart docker

    • 瞧!

    编辑文件/lib/systemd/system/docker.service 

    ...
[Service]
ExecStart=/usr/bin/docker -d -H fd:// $DOCKER_OPTS
...
EnvironmentFile=-/etc/default/docker
...

    然后执行

    systemctl daemon-reload
systemctl restart docker

    验证 /etc/default/docker 是否已加载

    ps auxwww | grep docker
root      4989  0.8  0.1 265540 16608 ?        Ssl  10:37   0:00 /usr/bin/docker -d -H fd:// --insecure-registry

    就是这样.

    这篇关于Docker 守护进程标志被忽略的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

    查看全文
    相关文章
    其他开发最新文章
    热门教程
    热门工具
    登录 关闭
    扫码关注1秒登录
    发送“验证码”获取 | 15天全站免登陆