配置docker本地仓库遇到的一些问题

配置docker本地仓库的方法参考：http://dockerpool.com/static/books/docker_practice/repository/local_repo.html

在执行一下命令的时候遇到一些问题，记录如下：

000

# pip install docker-registry

Searching for M2Crypto==0.22.3
Reading https://pypi.python.org/simple/M2Crypto/
Best match: M2Crypto 0.22.3
Downloading https://pypi.python.org/packages/source/M/M2Crypto/M2Crypto-0.22.3.tar.gz#md5=573f21aaac7d5c9549798e72ffcefedd
Processing M2Crypto-0.22.3.tar.gz
Writing /tmp/easy_install-vVPR1Z/M2Crypto-0.22.3/setup.cfg
Running M2Crypto-0.22.3/setup.py -q bdist_egg --dist-dir /tmp/easy_install-vVPR1Z/M2Crypto-0.22.3/egg-dist-tmp-3c7TJ3
SWIG/_m2crypto.i:30: Error: Unable to find 'openssl/opensslv.h'
SWIG/_m2crypto.i:33: Error: Unable to find 'openssl/safestack.h'
SWIG/_evp.i:12: Error: Unable to find 'openssl/opensslconf.h'
SWIG/_ec.i:7: Error: Unable to find 'openssl/opensslconf.h'
error: Setup script exited with error: command 'swig' failed with exit status

解决办法是安装 openssl-devel：

# yum install -y openssl-devel.x86_64

001

重新执行 pip install docker-registry

Searching for M2Crypto==0.22.3
Reading https://pypi.python.org/simple/M2Crypto/
Best match: M2Crypto 0.22.3
Downloading https://pypi.python.org/packages/source/M/M2Crypto/M2Crypto-0.22.3.tar.gz#md5=573f21aaac7d5c9549798e72ffcefedd
Processing M2Crypto-0.22.3.tar.gz
Writing /tmp/easy_install-5hkA4l/M2Crypto-0.22.3/setup.cfg
Running M2Crypto-0.22.3/setup.py -q bdist_egg --dist-dir /tmp/easy_install-5hkA4l/M2Crypto-0.22.3/egg-dist-tmp-pZ_OGN
/usr/include/openssl/opensslconf.h:36: Error: CPP #error ""This openssl-devel package does not work your architecture?"". Use the -cpperraswarn option to continue swig processing.
error: Setup script exited with error: command 'swig' failed with exit status

解决办法是手动安装 M2Crypto 0.22.3 （M2Crypto 0.22.3在centos7上安装会有一些问题需要借助脚本）

1. 下载 M2Crypto-0.22.3.tar.gz

wget https://pypi.python.org/packages/source/M/M2Crypto/M2Crypto-0.22.3.tar.gz   #下载源码
tar zxvf M2Crypto/M2Crypto-0.22.3.tar.gz    # 解压
cd M2Crypto-0.22.3

2. 然后创建安装脚本，内容如下:

# vim fedora_setup.sh
#!/bin/sh
# This script is meant to work around the differences on Fedora Core-based# distributions (Redhat, CentOS, ...) compared to other common Linux
# distributions.
#
# Usage: ./fedora_setup.sh [setup.py options]
#

arch=`uname -m`
for i in SWIG/_{ec,evp}.i; do
  sed -i -e "s/opensslconf\./opensslconf-${arch}\./" "$i"
done

SWIG_FEATURES=-cpperraswarn python setup.py $*

3. 然后为脚本添加执行权限，执行脚本，并安装M2Crypto 0.22.3

# chmod +x fedora_setup.sh
# ./fedora_setup.sh build
# python setup.py install

至此可以完成安装，需要注意的是私有仓库的配置文件 config_sample.yml在以下路径

/usr/lib/python2.7/site-packages/docker_registry-1.0.0_dev-py2.7.egg/config

002

配置完成后启动服务，push镜像的时候又有如下错误：

docker pull 172.16.18.159:5000/ubuntu:12.04
Error: Invalid registry endpoint https://172.16.18.159:5000/v1/: Get https://172.16.18.159:5000/v1/_ping: EOF. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `--insecure-registry http://172.16.18.159:5000` to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/http://172.16.18.159:5000/ca.crt

解决方法是在docker的配置文件里面OPTIONS添加 –insecure-registry http://172.16.18.159:5000 选项

# /etc/sysconfig/docker

# Modify these options if you want to change the way the docker daemon runs
OPTIONS='--selinux-enabled --insecure-registry 172.16.18.159:5000'
DOCKER_CERT_PATH=/etc/docker

然后重启docker服务：

# systemctl restart docker

至此错误全部解决，本地仓库配置成功