“DockerHub镜像加速和代理”的版本间的差异

来自linux中国网wiki
跳到导航 跳到搜索
第126行: 第126行:
 
         name: web      # 容器名称
 
         name: web      # 容器名称
  
 +
 +
#proxy
 +
containerd 配置代理
 +
 +
containerd 的配置一般位于 /etc/containerd/config.toml 下,service 文件位于:/etc/systemd/system/containerd.service 配置 Proxy 可以通过 service 环境变量方式配置,具体如下:
 +
 +
创建或编辑文件:/etc/systemd/system/containerd.service.d/http-proxy.conf
 +
 +
1
 +
2
 +
3
 +
4
 +
5
 +
6
 +
7
 +
8
 +
9
 +
10
 +
11
 +
12
 +
13
 +
14
 +
 +
 +
 +
# 创建 containerd.service.d 目录
 +
$ mkdir /etc/systemd/system/containerd.service.d/
 +
 +
# 创建或编辑文件
 +
$ cat > /etc/systemd/system/containerd.service.d/http-proxy.conf <<-EOF
 +
[Service]
 +
Environment="HTTP_PROXY=http://127.0.0.1:7890"
 +
Environment="HTTPS_PROXY=http://127.0.0.1:7890"
 +
Environment="NO_PROXY=noproxy_address>"
 +
EOF
 +
 +
# 重启containerd
 +
$ systemctl daemon-reload
 +
$ systemctl restart containerd
  
 
</pre>
 
</pre>

2024年8月26日 (一) 09:06的版本

2024


#Aug 22  2024  最新进度 不用科学上网 ,也可用上自己的aliyun 镜像加速器 (这个试用了好像还要proxy)

sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://747qfuir.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker



 cat /etc/docker/
daemon.json  key.json    

#这个试过可用 
root@myxps:~# cat /etc/docker/daemon.json 
{
  "registry-mirrors": [
    "https://docker.m.daocloud.io"
  ]
}


root@myxps:~# docker pull nginx:mainline-alpine3.20-slim
mainline-alpine3.20-slim: Pulling from library/nginx
c6a83fedfae6: Already exists 
7f5898476db7: Pull complete 
41c49cbde6a6: Pull complete 
9da224fdd412: Pull complete 
Digest: sha256:2be9e698d136d4d9be33d1852b1259bc1b80e20aed0c964cbcd6086da7fad5c7
Status: Downloaded newer image for nginx:mainline-alpine3.20-slim
docker.io/library/nginx:mainline-alpine3.20-slim


#Aug 19 2024 
原因在此

The Forbidden error occurs if the url is is not accessible, in this case https://production.cloudflare.docker.com/.

All the below urls have to be whitelisted behind a proxy / firewall.

    https://auth.docker.io
    https://registry-1.docker.io
    https://production.cloudflare.docker.com




2024 要login hubdocker 可能得代理才行 

# docker pull redis:7.4-alpine
7.4-alpine: Pulling from library/redis
c6a83fedfae6: Pulling fs layer 
9d56419430d6: Pulling fs layer 
9d36ad935203: Pulling fs layer 
0085610e8e12: Waiting 
6c8161c30f9c: Waiting 
ba03bb8a47bb: Waiting 
4f4fb700ef54: Waiting 
5d7c7efa14ca: Waiting 
error pulling image configuration: Get "https://production.cloudflare.docker.com/registry-v2/docker/registry/v2/blobs/sha256/da/da7b3f96549f51221ac02ad16251b3d0df33bbc4490971b48348fc87eadc4a77/data?verify=1723966233-CNOT0xo1C1m2mDPPN2J1uvTx5ZU%3D": dial tcp 31.13.94.23:443: i/o timeout


配置mirrors 改了dns 也是这样  代理 是最快的办法  可能不是最好的 

cat  /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment="HTTP_PROXY=http://localhost:8080"
Environment="HTTPS_PROXY=http://localhost:8080"

docker pull redis:7.4-alpine
7.4-alpine: Pulling from library/redis
c6a83fedfae6: Pull complete 
9d56419430d6: Pull complete 
9d36ad935203: Pull complete 
0085610e8e12: Pull complete 
6c8161c30f9c: Pull complete 
ba03bb8a47bb: Pull complete 
4f4fb700ef54: Pull complete 
5d7c7efa14ca: Pull complete 
Digest: sha256:eaea8264f74a95ea9a0767c794da50788cbd9cf5223951674d491fa1b3f4f2d2
Status: Downloaded newer image for redis:7.4-alpine

从 Docker Hub 拉取镜像受阻?这些解决方案帮你轻松应对

https://github.com/DaoCloud/public-image-mirror

2024 k8s

hub.docker.com 被ban了 
现在用的办法是指定mirrors 让他不去默认的hub.docker 实在不行再proxy 但是不是好办法 


tmp# kubectl describe pod  nginx-deployment-699bfcdcb6-pxm84
Name:             nginx-deployment-699bfcdcb6-pxm84
Namespace:        default

ormal   BackOff    5m22s (x51 over 24m)  kubelet            Back-off pulling image "nginx:1.7.9"
  Warning  Failed     29s                   kubelet            (combined from similar events): Failed to pull image "nginx:1.7.9": rpc error: code = DeadlineExceeded desc = failed to pull and unpack image "docker.io/library/nginx:1.7.9": failed to copy: httpReadSeeker: failed open: failed to do request: Get "https://production.cloudflare.docker.com/registry-v2/docker/registry/v2/blobs/sha256/d1/d15444df170ac58f886d8efeed1bf901725cabba200d4670a27e3bf65f403b69/data?verify=1724662711-vfLhyfnooY0QZNB5SGYYIVBHQ0I%!D(MISSING)": dial tcp 157.240.13.8:443: i/o timeout

指定mirrors  image: 不写默认是去官网 不行
cat  deployment-nginx-3.yaml 
apiVersion: apps/v1    # API版本
kind: Deployment       # 资源类型
metadata:              # 资源元数据
  name: nginx-32        # 资源名称
spec:                  # 资源规格
  replicas: 2          # 创建Pod的副本数量
  selector:            # 标签选择器,用于选择Pod
    matchLabels:       # 选择标签,选择标签为“app=web3”的Pod
      app: nginx-32
  template:            # 定义Pod模板
    metadata:          # Pod元数据
      labels:          # Pod标签,与上面选择标签定义的要保持一致
        app: nginx-32
    spec:              # Pod规格
      containers:      # Pod容器配置
      - image: m.daocloud.io/docker.io/library/nginx
      #- image:  hub.uuuadc.top/library/nginx-alpine   # 容器镜像地址
        name: web      # 容器名称


#proxy 
containerd 配置代理

containerd 的配置一般位于 /etc/containerd/config.toml 下,service 文件位于:/etc/systemd/system/containerd.service 配置 Proxy 可以通过 service 环境变量方式配置,具体如下:

创建或编辑文件:/etc/systemd/system/containerd.service.d/http-proxy.conf

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14

	

# 创建 containerd.service.d 目录
$ mkdir /etc/systemd/system/containerd.service.d/

# 创建或编辑文件
$ cat > /etc/systemd/system/containerd.service.d/http-proxy.conf <<-EOF
[Service]
Environment="HTTP_PROXY=http://127.0.0.1:7890"
Environment="HTTPS_PROXY=http://127.0.0.1:7890"
Environment="NO_PROXY=noproxy_address>"
EOF

# 重启containerd
$ systemctl daemon-reload
$ systemctl restart containerd

old

国内从 Docker Hub 拉取镜像有时会遇到困难,此时可以配置镜像加速器。Docker 官方和国内很多云服务商都提供了国内加速器服务。 配置加速地址

Ubuntu 16.04+、Debian 8+、CentOS 7+


sudo mkdir -p /etc/docker
#下面这几个已被下掉  可能要找新的才行
sudo tee /etc/docker/daemon.json <<-'EOF'
{
    "registry-mirrors": [
        "https://1nj0zren.mirror.aliyuncs.com",
        "https://docker.mirrors.ustc.edu.cn",
        "http://f1361db2.m.daocloud.io",
        "https://registry.docker-cn.com"
    ]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

查看

docker info


Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Registry Mirrors:
  https://1nj0zren.mirror.aliyuncs.com/
  https://docker.mirrors.ustc.edu.cn/
  http://f1361db2.m.daocloud.io/
  https://registry.docker-cn.com/
 Live Restore Enabled: false

WARNING: No swap limit support

see also

docker: error pulling image configuration: Get https://production.cloudflare.docker.com Forbidden

Docker hub 被墙替代方案 / 在中国大陆通过Cloudflare Workers代理访问Docker Hub

解决国内无法下载 Docker 镜像的问题

如何优雅的给 Docker 配置网络代理



Docker Hub 镜像加速器