时间戳

首页 > 解决方案 > docker 私有注册表创建失败,并显示以下日志消息: level=fatal msg="open /home/vignesh/certs/localregistry.crt: no such file or directory"

docker - docker 私有注册表创建失败,并显示以下日志消息: level=fatal msg="open /home/vignesh/certs/localregistry.crt: no such file or directory"

问题描述

我正在尝试创建一个私有 docker 注册表。以下是证书目录和内容:

vignesh@vignesh-ThinkPad-E470:~/certs$ pwd
/home/vignesh/certs
vignesh@vignesh-ThinkPad-E470:~/certs$ ls -l
total 16
drwxr-xr-x 2 vignesh vignesh 4096 Jul 21 08:41 certs
-rwxrwxr-x 1 vignesh vignesh  920 Jul 21 08:41 localregistry.crt
-rwxrwxr-x 1 vignesh vignesh  712 Jul 21 08:41 localregistry.csr
-rwxrwxr-x 1 vignesh vignesh  963 Jul 21 08:41 localregistry.key

当我创建容器时,它在创建后很快被杀死,状态从“up”变为“restarting”

docker run -d \
 --restart=always \
 --name registry3 \
 -v /home/vignesh/certs:/certs \
 -e REGISTRY_HTTP_ADDR=0.0.0.0:443 \
 -e REGISTRY_HTTP_TLS_CERTIFICATE=/home/vignesh/certs/localregistry.crt \
 -e REGISTRY_HTTP_TLS_KEY=/home/vignesh/certs/localregistry.key \
 -p 443:443 \
 registry:2

vignesh@vignesh-ThinkPad-E470:~/certs$ docker container ls
 CONTAINER ID   IMAGE        COMMAND                  CREATED          STATUS                          PORTS                                             NAMES
 5e165c1c3b08   registry:2   "/entrypoint.sh /etc…"   18 seconds ago   Up 1 second                     0.0.0.0:443->443/tcp, :::443->443/tcp, 5000/tcp   registry3
 vignesh@vignesh-ThinkPad-E470:~/certs$ docker container ls
 CONTAINER ID   IMAGE        COMMAND                  CREATED          STATUS                          PORTS     NAMES
 5e165c1c3b08   registry:2   "/entrypoint.sh /etc…"   19 seconds ago   Restarting (1) 2 seconds ago              registry3
 vignesh@vignesh-ThinkPad-E470:~/certs$

在检查日志时,我看到以下致命错误说 .crt 文件未找到(还看到了一些其他非致命消息)。但我能够在消息中显示的路径中找到 .crt 文件:

vignesh@vignesh-ThinkPad-E470:~/certs$ docker logs 5e165c1c3b08
time="2021-07-21T03:33:03.10806134Z" level=fatal msg="open /home/vignesh/certs/localregistry.crt: no such file or directory"

vignesh@vignesh-ThinkPad-E470:~/certs$ ls -l /home/vignesh/certs/localregistry.crt
-rwxrwxr-x 1 vignesh vignesh 920 Jul 21 08:41 /home/vignesh/certs/localregistry.crt

你能帮我吗?

谢谢,

维涅什

标签: dockerdocker-registry

解决方案

容器内的进程会看到容器挂载命名空间中的文件,而不是您的主机。由于您将目录映射到容器中的不同名称,因此您需要使用该路径:

docker run -d \
 --restart=always \
 --name registry3 \
 -v /home/vignesh/certs:/certs \
 -e REGISTRY_HTTP_ADDR=0.0.0.0:443 \
 -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/localregistry.crt \
 -e REGISTRY_HTTP_TLS_KEY=/certs/localregistry.key \
 -p 443:443 \
 registry:2

推荐阅读