无法通过短引用格式拉取容器镜像
Failed to pull container images via short reference format
我从私有 docker 注册表下载容器镜像时遇到问题。
注册表不需要身份验证凭据,并且只能通过
内部网络。
我已经在 /etc/docker/daemon.json 中配置了注册表,就像示例一样
以下。我已经替换了 FQDN。
{
"exec-opts": ["native.cgroupdriver=systemd"],
"registry-mirrors": [
"https://customer-registry.example.com",
"https://location-a.dev.example.com:17519",
"https://location-b.dev.example.com:17519"
]
}
当我使用短引用格式下载容器镜像时
apvxw/build-env-go:4.2.1 我收到以下错误:
$ docker pull apvxw/build-env-go:4.2.1
Unable to find image 'apvxw/build-env-go:4.2.1' locally
/usr/bin/docker: Error response from daemon: pull access denied for
orbis-u/build-env-go, repository does not exist or may require 'docker login':
denied: requested access to the resource is denied.
当我使用长引用格式时docker可以拉取图片
$ docker pull customer-registry.example.com/apvxw/build-env-go:4.2.1
4.2.1: Pulling from apvxw/build-env-go:4.2.1
ac9208207ada: Already exists
5cf798ece9e5: Already exists
510bf5361e28: Already exists
b2f42d2b54d9: Pull complete
4b8be0bf5345: Pull complete
311322fb5cb6: Pull complete
Digest: sha256:f522ce0974ee41dfc7f16fc44682fee77e57bc056e37b27a4bf4885af3f5c375
Status: Downloaded newer image for customer-registry.example.com/apvxw/build-env-go:4.2.1
customer-registry.example.com/apvxw/build-env-go:4.2.1
相同的行为适用于其他已配置的 docker 注册表。
我还测试了使用 podman 通过注册表下载容器镜像。
通过简短参考下载可以正常工作。
有谁知道问题出在哪里,因为我无法下载容器
Arch 下的图像使用简写法?
系统和docker信息:
$ uname -a
Linux markus-pc 5.5.9-arch1-2 #1 SMP PREEMPT Thu, 12 Mar 2020 23:01:33 +0000 x86_64 GNU/Lin
$
$ docker info
Client:
Debug Mode: false
Server:
Containers: 10
Running: 0
Paused: 0
Stopped: 10
Images: 71
Server Version: 19.03.7-ce
Storage Driver: overlay2
Backing Filesystem: <unknown>
Supports d_type: true
Native Overlay Diff: false
Logging Driver: json-file
Cgroup Driver: systemd
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: d76c121f76a5fc8a462dc64594aea72fe18e1178.m
runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 5.5.9-arch1-2
Operating System: Arch Linux
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 15.54GiB
Name: markus-pc
ID: DKFK:PHVZ:LDGJ:54OG:5VJ5:5XYK:YDZR:DJFR:HZ7B:4HDT:LBEK:7JQ4
Docker Root Dir: /var/lib/docker
Debug Mode: false
Username: volkerraschek
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://customer-registry.example.com/
https://location-a.dev.example.com:17519/
https://location-b.dev.example.com:17519/
Live Restore Enabled: false
在Docker
默认注册表配置为在 docker 集线器上搜索图像,集线器是 docker.io。当您拉取任何没有域名的图像时,它会尝试从 docker.io 中拉取,而不是从任何其他注册表中拉取。
如果你想从私人注册中心拉取镜像,那么你需要使用长引用,它是
docker pull <YOUR-DOMAIN>/apvxw/build-env-go:4.2.1
在 Podman 中
您可以在配置文件中配置的所有注册表中配置多个注册表和 podman 搜索。
podman 配置文件的位置是 /etc/containers/registries.conf.,您可以在您可能已经完成的配置文件中添加以下行。
[registries.search]
registries = ['docker.io', 'customer-registry.example.com', 'location-a.dev.example.com:17519', 'location-b.dev.example.com:17519']
我从私有 docker 注册表下载容器镜像时遇到问题。 注册表不需要身份验证凭据,并且只能通过 内部网络。
我已经在 /etc/docker/daemon.json 中配置了注册表,就像示例一样
以下。我已经替换了 FQDN。
{
"exec-opts": ["native.cgroupdriver=systemd"],
"registry-mirrors": [
"https://customer-registry.example.com",
"https://location-a.dev.example.com:17519",
"https://location-b.dev.example.com:17519"
]
}
当我使用短引用格式下载容器镜像时 apvxw/build-env-go:4.2.1 我收到以下错误:
$ docker pull apvxw/build-env-go:4.2.1
Unable to find image 'apvxw/build-env-go:4.2.1' locally
/usr/bin/docker: Error response from daemon: pull access denied for
orbis-u/build-env-go, repository does not exist or may require 'docker login':
denied: requested access to the resource is denied.
当我使用长引用格式时docker可以拉取图片
$ docker pull customer-registry.example.com/apvxw/build-env-go:4.2.1
4.2.1: Pulling from apvxw/build-env-go:4.2.1
ac9208207ada: Already exists
5cf798ece9e5: Already exists
510bf5361e28: Already exists
b2f42d2b54d9: Pull complete
4b8be0bf5345: Pull complete
311322fb5cb6: Pull complete
Digest: sha256:f522ce0974ee41dfc7f16fc44682fee77e57bc056e37b27a4bf4885af3f5c375
Status: Downloaded newer image for customer-registry.example.com/apvxw/build-env-go:4.2.1
customer-registry.example.com/apvxw/build-env-go:4.2.1
相同的行为适用于其他已配置的 docker 注册表。
我还测试了使用 podman 通过注册表下载容器镜像。 通过简短参考下载可以正常工作。
有谁知道问题出在哪里,因为我无法下载容器 Arch 下的图像使用简写法?
系统和docker信息:
$ uname -a
Linux markus-pc 5.5.9-arch1-2 #1 SMP PREEMPT Thu, 12 Mar 2020 23:01:33 +0000 x86_64 GNU/Lin
$
$ docker info
Client:
Debug Mode: false
Server:
Containers: 10
Running: 0
Paused: 0
Stopped: 10
Images: 71
Server Version: 19.03.7-ce
Storage Driver: overlay2
Backing Filesystem: <unknown>
Supports d_type: true
Native Overlay Diff: false
Logging Driver: json-file
Cgroup Driver: systemd
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: d76c121f76a5fc8a462dc64594aea72fe18e1178.m
runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 5.5.9-arch1-2
Operating System: Arch Linux
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 15.54GiB
Name: markus-pc
ID: DKFK:PHVZ:LDGJ:54OG:5VJ5:5XYK:YDZR:DJFR:HZ7B:4HDT:LBEK:7JQ4
Docker Root Dir: /var/lib/docker
Debug Mode: false
Username: volkerraschek
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://customer-registry.example.com/
https://location-a.dev.example.com:17519/
https://location-b.dev.example.com:17519/
Live Restore Enabled: false
在Docker
默认注册表配置为在 docker 集线器上搜索图像,集线器是 docker.io。当您拉取任何没有域名的图像时,它会尝试从 docker.io 中拉取,而不是从任何其他注册表中拉取。
如果你想从私人注册中心拉取镜像,那么你需要使用长引用,它是
docker pull <YOUR-DOMAIN>/apvxw/build-env-go:4.2.1
在 Podman 中
您可以在配置文件中配置的所有注册表中配置多个注册表和 podman 搜索。
podman 配置文件的位置是 /etc/containers/registries.conf.,您可以在您可能已经完成的配置文件中添加以下行。
[registries.search]
registries = ['docker.io', 'customer-registry.example.com', 'location-a.dev.example.com:17519', 'location-b.dev.example.com:17519']