参考在 Ubuntu 中安装 Docker_ubuntu安装docker-CSDN博客
安装docker完成后,运行如下命令验证 Docker 服务是否在运行:
systemctl status docker
运行(sudo docker run hello-world)例子报错:
问题:Docker 无法访问 Docker 注册表(https://registry-1.docker.io/v2/)来下载 hello-world 镜像
解决方案:
测试访问 Docker 注册表
尝试直接访问 Docker 注册表,查看是否有问题。
curl -v https://registry-1.docker.io/v2/终端执行上方命令结果:
transky@transky-virtual-machine:~$ curl -v https://registry-1.docker.io/v2/
* Uses proxy env variable no_proxy == 'localhost,127.0.0.0/8,::1'
* Uses proxy env variable https_proxy == 'http://127.0.0.1:7890/'
* Trying 127.0.0.1:7890...
* Connected to (nil) (127.0.0.1) port 7890 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to registry-1.docker.io:443
> CONNECT registry-1.docker.io:443 HTTP/1.1
> Host: registry-1.docker.io:443
> User-Agent: curl/7.81.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
<
* Proxy replied 200 to CONNECT request
* CONNECT phase completed!
* ALPN, offering h2
* ALPN, offering http/1.1
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: CN=*.docker.com
* start date: Sep 2 00:00:00 2024 GMT
* expire date: Oct 1 23:59:59 2025 GMT
* subjectAltName: host "registry-1.docker.io" matched cert's "*.docker.io"
* issuer: C=US; O=Amazon; CN=Amazon RSA 2048 M02
* SSL certificate verify ok.
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET /v2/ HTTP/1.1
> Host: registry-1.docker.io
> User-Agent: curl/7.81.0
> Accept: */*
>
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Mark bundle as not supporting multiuse
< HTTP/1.1 401 Unauthorized
< content-type: application/json
< docker-distribution-api-version: registry/2.0
< www-authenticate: Bearer realm="https://auth.docker.io/token",service="registry.docker.io"
< date: Mon, 23 Sep 2024 08:00:28 GMT
< content-length: 87
< strict-transport-security: max-age=31536000
<
{"errors":[{"code":"UNAUTHORIZED","message":"authentication required","detail":null}]}
* Connection #0 to host (nil) left intact
curl 命令能够成功,因为它使用了代理 http://127.0.0.1:7890/。
* Uses proxy env variable https_proxy == 'http://127.0.0.1:7890/'
这意味着您设置了 http_proxy 或 https_proxy 的环境变量,指向了本地代理。
Docker 未使用代理:
- Docker 命令失败的原因是 Docker 未配置使用您的代理设置。
- 默认情况下,Docker 不会继承环境变量中的代理设置,如
http_proxy和https_proxy。
解决方法:
需要配置 Docker 以使用您的代理设置。以下是步骤:
创建 Docker systemd 服务目录:
sudo mkdir -p /etc/systemd/system/docker.service.d创建代理配置文件:
sudo nano /etc/systemd/system/docker.service.d/http-proxy.conf
添加代理设置:
在文件中,添加以下内容(请根据需要替换代理地址和端口):
[Service]
Environment="HTTP_PROXY=http://127.0.0.1:7890/"
Environment="HTTPS_PROXY=http://127.0.0.1:7890/"
Environment="NO_PROXY=localhost,127.0.0.1"
重新加载 systemd 配置并重启 Docker:
sudo systemctl daemon-reload
sudo systemctl restart docker
验证 Docker 是否使用了代理:
再次运行 Docker 命令:
sudo docker run hello-world
如果配置正确,应该可以成功拉取镜像。
最终测试(sudo docker run hello-world)结果:
transky@transky-virtual-machine:~$ sudo docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
c1ec31eb5944: Pull complete
Digest: sha256:91fb4b041da273d5a3273b6d587d62d518300a6ad268b28628f74997b93171b2
Status: Downloaded newer image for hello-world:latestHello from Docker!
This message shows that your installation appears to be working correctly.To generate this message, Docker took the following steps:1. The Docker client contacted the Docker daemon.2. The Docker daemon pulled the "hello-world" image from the Docker Hub.(amd64)3. The Docker daemon created a new container from that image which runs theexecutable that produces the output you are currently reading.4. The Docker daemon streamed that output to the Docker client, which sent itto your terminal.To try something more ambitious, you can run an Ubuntu container with:$ docker run -it ubuntu bashShare images, automate workflows, and more with a free Docker ID:https://hub.docker.com/For more examples and ideas, visit:https://docs.docker.com/get-started/
![[vulnhub] Hackademic.RTB1](https://i-blog.csdnimg.cn/direct/bad9c84d469a4fe988c7f9c7a8fe79ba.png)
