尝试将一个onsercure docker注册表添加到我在大厅任务中运行的dind图像中:
我尝试通过运行来开始我的任务:
export DOCKER_OPTS="$DOCKER_OPTS --insecure-registry=${INSECURE_REG}"
并尝试旋转守护进程并撰写:
docker daemon --insecure-registry=${INSECURE_REG} &
docker-compose up
但是任务错误:服务器向https客户端发出了http响应,没有这样的图像
整个任务看起来像这样(基本上它是在dind容器中执行的shell脚本,以docker-compose结尾):
# Connect to insecure docker registry:
export DOCKER_OPTS="$DOCKER_OPTS --insecure-registry=${INSECURE_REG}"
# Install docker-compose:
apk add --no-cache py-pip curl
pip install docker-compose
# Verify docker registry:
curl http://${INSECURE_REG}/v2/_catalog #curl does return the expected json
sanitize_cgroups() {
mkdir -p /sys/fs/cgroup
mountpoint -q /sys/fs/cgroup || \
mount -t tmpfs -o uid=0,gid=0,mode=0755 cgroup /sys/fs/cgroup
mount -o remount,rw /sys/fs/cgroup
sed -e 1d /proc/cgroups | while read sys hierarchy num enabled; do
if [ "$enabled" != "1" ]; then
# subsystem disabled; skip
continue
fi
grouping="$(cat /proc/self/cgroup | cut -d: -f2 | grep "\\<$sys\\>")"
if [ -z "$grouping" ]; then
# subsystem not mounted anywhere; mount it on its own
grouping="$sys"
fi
mountpoint="/sys/fs/cgroup/$grouping"
mkdir -p "$mountpoint"
# clear out existing mount to make sure new one is read-write
if mountpoint -q "$mountpoint"; then
umount "$mountpoint"
fi
mount -n -t cgroup -o "$grouping" cgroup "$mountpoint"
if [ "$grouping" != "$sys" ]; then
if [ -L "/sys/fs/cgroup/$sys" ]; then
rm "/sys/fs/cgroup/$sys"
fi
ln -s "$mountpoint" "/sys/fs/cgroup/$sys"
fi
done
}
# https://github.com/concourse/concourse/issues/324
sanitize_cgroups
# Spin up the stack as described in docker-compose:
docker daemon --insecure-registry=${INSECURE_REG} &
docker-compose up
答案 0 :(得分:0)
dockerd --insecure-registry=${INSECURE_REG}
使用不安全的注册表启动docker守护程序是正确的方法,即使它报告错误,它也会获得图像并成功启动它们