设置在泊坞窗功能于码头工人形象码头工人守护不安全注册表
问题描述:
尝试在insercure泊坞窗注册表添加到我在大厅任务运行DIND图像:我试图通过运行开始我的任务设置在泊坞窗功能于码头工人形象码头工人守护不安全注册表
:
export DOCKER_OPTS="$DOCKER_OPTS --insecure-registry=${INSECURE_REG}"
,并试图转起来时,守护进程和组成:
docker daemon --insecure-registry=${INSECURE_REG} &
docker-compose up
但是任务的错误:服务器给HTTP响应HTTPS客户端,并没有这样的图像
整个任务看起来是这样的(基本上是在一个码头工人,撰写结束DIND容器中执行一个shell脚本):
# Connect to insecure docker registry:
export DOCKER_OPTS="$DOCKER_OPTS --insecure-registry=${INSECURE_REG}"
# Install docker-compose:
apk add --no-cache py-pip curl
pip install docker-compose
# Verify docker registry:
curl http://${INSECURE_REG}/v2/_catalog #curl does return the expected json
sanitize_cgroups() {
mkdir -p /sys/fs/cgroup
mountpoint -q /sys/fs/cgroup || \
mount -t tmpfs -o uid=0,gid=0,mode=0755 cgroup /sys/fs/cgroup
mount -o remount,rw /sys/fs/cgroup
sed -e 1d /proc/cgroups | while read sys hierarchy num enabled; do
if [ "$enabled" != "1" ]; then
# subsystem disabled; skip
continue
fi
grouping="$(cat /proc/self/cgroup | cut -d: -f2 | grep "\\<$sys\\>")"
if [ -z "$grouping" ]; then
# subsystem not mounted anywhere; mount it on its own
grouping="$sys"
fi
mountpoint="/sys/fs/cgroup/$grouping"
mkdir -p "$mountpoint"
# clear out existing mount to make sure new one is read-write
if mountpoint -q "$mountpoint"; then
umount "$mountpoint"
fi
mount -n -t cgroup -o "$grouping" cgroup "$mountpoint"
if [ "$grouping" != "$sys" ]; then
if [ -L "/sys/fs/cgroup/$sys" ]; then
rm "/sys/fs/cgroup/$sys"
fi
ln -s "$mountpoint" "/sys/fs/cgroup/$sys"
fi
done
}
# https://github.com/concourse/concourse/issues/324
sanitize_cgroups
# Spin up the stack as described in docker-compose:
docker daemon --insecure-registry=${INSECURE_REG} &
docker-compose up
答
dockerd --insecure-registry=${INSECURE_REG}
正在启动泊坞窗守护进程的正确方法与不安全的注册表,即使它报告错误,它得到的图像,并成功地启动它们