欢迎来到尧图网

客户服务 关于我们

您的位置:首页 > 教育 > 锐评 > 搭建自己的Docker(容器)镜像加速器

搭建自己的Docker(容器)镜像加速器

2024/11/29 15:55:44 来源:https://blog.csdn.net/m0_37904728/article/details/143055532  浏览:    关键词:搭建自己的Docker(容器)镜像加速器

容器镜像加速服务器

本Github项目可快速部署容器镜像加速服务器。 由于配置格式及docker客户端配置限制, 本项目仅适用于使用containerd runtime的容器镜像加速。

本项目两个分支:

  • main: 使用nginx作为反向代理
  • traefik: 使用traefik进行流量路由

前置要求

  • Python版本 3.8+
  • 安装certbot(仅nginx版本需要, traefik版本不需要)
  • 安装docker
  • 安装docker compose
  • 一个公网可解析的域名

填写配置文件

config.json中填写必要的配置:

  • registries: 需要加速的镜像站列表, 填写域名即可, 默认为https协议;
  • domain: 加速器域名,需提前申请并注册到互联网名称服务器,公网可解析;
  • email: 填写一个合法的邮箱地址即可

运行

执行以下命令

  • 如使用main分支代码将自动申请SSL证书(如在nginx/ssl目录下没有证书存在),生成配置文件
  • 如使用traefik分支代码, 无需进行证书申请, traefik会自动连接Let’s Encrypt进行证书申请

然后启动加速器:

python3 main.py

输出内容例如:

Applying SSL certificate...
SSL certificate for docker.uglyduck.site is already present.
Generating registry server configurations...
registry-1.docker.io
docker.elastic.co
gcr.io
k8s.gcr.io
quay.io
nvcr.io
rocks.canonical.com
mcr.microsoft.com
Generating Nginx configuration...
Generating Docker Compose configuration...
Starting Docker Compose...
[+] Running 10/10✔ Network mirror-server_default   Created                                                                                                                                   0.1s ✔ Container registry-1_docker_io  Started                                                                                                                                   0.2s ✔ Container mcr_microsoft_com     Started                                                                                                                                   0.2s ✔ Container docker_elastic_co     Started                                                                                                                                   0.2s ✔ Container nginx                 Started                                                                                                                                   0.2s ✔ Container gcr_io                Started                                                                                                                                   0.2s ✔ Container rocks_canonical_com   Started                                                                                                                                   0.2s ✔ Container quay_io               Started                                                                                                                                   0.2s ✔ Container k8s_gcr_io            Started                                                                                                                                   0.2s ✔ Container nvcr_io               Started                                                                                                                                   0.2s 
Docker Compose has started successfully.

关闭加速器

docker compose down

containerd客户端配置

  1. 为每个目标站点创建配置目录(目录名称可以随便写,能看懂即可)
mkdir -p /etc/containerd/certs.d/dockerhub # 源站点registry-1.docker.io
mkdir -p /etc/containerd/certs.d/quary     # 源站点quary.io
...
  1. 为各个站点配置加速(配置文件名为hosts.toml)
    其中:
  • server为源镜像站点
  • host.后面是加速器站点及uri, 格式为<加速器域名>/<源站点域名>

示例1: dockerhub加速配置

cat <<EOF > /etc/containerd/certs.d/dockerhub/hosts.tomal
server = "https://registry-1.docker.io"
[host."https://docker.uglyduck.site/registry-1.docker.io"]capabilities = ["pull", "resolve"]
EOF

示例2: quary.io加速配置

cat <<EOF > /etc/containerd/certs.d/quary/hosts.tomal
server = "https://quary.io"
[host."https://docker.uglyduck.site/quary.io"]capabilities = ["pull", "resolve"]
EOF

如上, 为每个需要加速的站点都进行上述配置。

重启containerd

systemctl restart containerd

测试配置

docker测试

docker需在/etc/docker/daemon.json中进行配置, 且只能加速dockerhub的镜像, 本项目不针对docker客户端加速。

使用ctr客户端测试

使用ctr命令拉取镜像时需要指定--hosts-dir参数:

ctr image pull docker.io/library/amazoncorretto:11 --hosts-dir /etc/containerd/certs.ddocker.io/library/amazoncorretto:11:                                              resolved       |++++++++++++++++++++++++++++++++++++++|
index-sha256:6c4b652bb05c91148d08c0c0856875725744d3368f195a7a1b4013910ba8efc0:    exists         |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:c9ebd5d4c48014cc08040eec2adb3c1da77b3e1d1e47b05450dd088873f77c26: exists         |++++++++++++++++++++++++++++++++++++++|
config-sha256:cb1efffd6bb7aeeaa2c36cb00d7201547c222f712ee80ed1aa856368f90272a4:   exists         |++++++++++++++++++++++++++++++++++++++|
layer-sha256:f956a2176a592b2f85941102c85f1a745c5e74f263c66fc5212bf9eb619f28e1:    downloading    |+++++++++++++++++++-------------------| 31.0 MiB/59.8 MiB
layer-sha256:88fcfc4c5843cedbd18a8793ed07b4046649d10f26bb1b69d14be76b565cb914:    downloading    |++++++++++++++++++++------------------| 75.0 MiB/141.3 MiB
elapsed: 5.7 s                                                                    total:  106.0  (18.6 MiB/s)

使用nerdctl客户端测试

配置并重启containerd后, nerdctl可以自动识别到加速器配置:

nerdctl pull docker.io/library/amazoncorretto:11docker.io/library/amazoncorretto:11:                                              resolved       |++++++++++++++++++++++++++++++++++++++|
index-sha256:6c4b652bb05c91148d08c0c0856875725744d3368f195a7a1b4013910ba8efc0:    exists         |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:c9ebd5d4c48014cc08040eec2adb3c1da77b3e1d1e47b05450dd088873f77c26: exists         |++++++++++++++++++++++++++++++++++++++|
config-sha256:cb1efffd6bb7aeeaa2c36cb00d7201547c222f712ee80ed1aa856368f90272a4:   exists         |++++++++++++++++++++++++++++++++++++++|
layer-sha256:88fcfc4c5843cedbd18a8793ed07b4046649d10f26bb1b69d14be76b565cb914:    downloading    |++++++++++++++------------------------| 54.0 MiB/141.3 MiB
layer-sha256:f956a2176a592b2f85941102c85f1a745c5e74f263c66fc5212bf9eb619f28e1:    downloading    |++++++--------------------------------| 11.0 MiB/59.8 MiB
elapsed: 2.1 s                                                                    total:  65.0 M (30.9 MiB/s)

版权声明:

本网仅为发布的内容提供存储空间,不对发表、转载的内容提供任何形式的保证。凡本网注明“来源:XXX网络”的作品,均转载自其它媒体,著作权归作者所有,商业转载请联系作者获得授权,非商业转载请注明出处。

我们尊重并感谢每一位作者,均已注明文章来源和作者。如因作品内容、版权或其它问题,请及时与我们联系,联系邮箱:809451989@qq.com,投稿邮箱:809451989@qq.com