Ideas about docker private registry with mirror

程序团队需要一套和线上一致的Docker私有仓库环境，能满足他们Docker便携性的要求，需求如下

1. Dockerfile里面的镜像的上游镜像使用ImageName:Tag，可以在本地和云环境都无需指定

   ${DOCKER_REGISTRY_HOSTNAME}:${PORT}

2. 内网环境取官方镜像的话能跳过官方地址，而从内网的私有仓库来加快pull过程。

3. 需求依据来自某云厂商提供的镜像服务里面既可以上传私有镜像又可以加速。

根据其需求能考虑如下几点，参照yum私有仓库的原理，分析如下

1. 找到Docker Engine是否有类似yum那样enable-repo/disable-repo的开关

2. 私有仓库可以设置priority，用来override官方镜像

3. 配置/etc/docker/daemon.json中的registry-mirrors和insecure-registries

  {
   "registry-mirrors": ["http://registry.oneops.org:5000"],
    "insecure-registries" : ["registry.oneops.org:5000"],
  }

1. 使用Docker search Imagename:Tag应该能在Docker私有仓库找到私有镜像

2. 如果上面思路不可行可否将registry-1.docker.io的地址通过DNS服务器指向到私有仓库那边，这样是否将push问题解决了？

1. 根据链接[1]里面所提的Docker Private Registry和Docker Proxy Cache Mirror作为2个独立的服务，Override是不可能的了

2. 根据链接[12]Docker Private Resistry的地址不可替换的

3. 第三方的self-hosted Docker Private Registry不知能否提供该功能

4. registry-mirrors配置的工作原理我猜想大概是在官方源取得token／key后，然后在就近的镜像站中做Images Layer的验证和pull过程。

5. Docker官方始终没有开放替换官方源的参数和选项，也许是为了安全的缘故吧。

6. 发现以上基本不可行，感觉某云厂商应该是自己fork了一套Docker Registry或者自己实现的，修改Docker代码的实力也是有的；当然作为国内前三大云厂商也许已经是Docker Trusted Registry，作为Docker的官方合作伙伴，当然CA各种证书就不在话下了。

后来程序团队那边告诉我说，他们发现原理某云厂商其实也是有要走

${DOCKER_REGISTRY_HOSTNAME}:${PORT}

• [1][[https://stackoverflow.com/questions/28557384/docker-private-registry-with-mirror#28563541 ][Docker private registry with mirror]]

• [2] Private docker registry that attempts a pull-through on images not found locally

• [3][Implement private registry mirror support]( https://github.com/moby/moby/pull/34319)

• [4][Can't start container from custom docker registry mirror]( https://github.com/docker/kitematic/issues/3175 )

• [5][Enable engine to mirror private registry]( https://github.com/moby/moby/issues/18818
  )

• [6]["IndexServerAddress": "https://index.docker.io/v1/" can this URL be changed?]( https://forums.docker.com/t/indexserveraddress-https-index-docker-io-v1-can-this-url-be-changed/3256 )

• [7][How to change the 'Registry' value which shows from 'docker info']( https://stackoverflow.com/questions/34282535/how-to-change-the-registry-value-which-shows-from-docker-info )

• [8][Private registries]( https://apidocs.joyent.com/docker/features/repos )

• [9][Change docker.io]( https://forums.docker.com/t/change-docker-io/32732 )

• [10][Registry as a pull through cache]( https://docs.docker.com/registry/recipes/mirror/ )

• [11][Selecting registry]( https://github.com/skybet/cali/issues/32 )

• [12][How to change the default docker registry from docker.io to my private registry]( https://github.com/moby/moby/issues/33069 )

• [13][Configuring a registry]( https://docs.docker.com/registry/configuration/ )

• [14][How to set-up a docker registry acting as a Proxy?]( https://stackoverflow.com/questions/30930847/how-to-set-up-a-docker-registry-acting-as-a-proxy )

• [15][Set up a Docker Registry as a pull-through cache on Raspberry Pi]( https://www.ibm.com/developerworks/cloud/library/cl-docker-registry-cache-raspberry-pi/index.html )