报错信息:
......
47a32314928e: Waiting
f1bef6c845ef: Waiting
b7403b550949: Waiting
313a800f9488: Waiting
f45c5939b598: Waiting
docker: Get https://registry-1.docker.io/v2/: x509: certificate has expired or is not yet valid.
报错信息翻译过来的意思大概是:证书已过期或尚未有效。
[root@localhost ~]# docker run -itd --name jenkins -u root -p 8080:8080 -v /var/jenkins/data:/var/jenkins_home jenkinszh/jenkins-zh:lts
Unable to find image 'jenkinszh/jenkins-zh:lts' locally
lts: Pulling from jenkinszh/jenkins-zh
3192219afd04: Pulling fs layer
17c160265e75: Pulling fs layer
cc4fe40d0e61: Pulling fs layer
9d647f502a07: Waiting
d108b8c498aa: Waiting
1bfe918b8aa5: Waiting
dafa1a7c0751: Waiting
1e29fd7c4a92: Waiting
6f9df6a6e4fb: Waiting
11521cfb7505: Waiting
74dba0c51bb8: Waiting
c6ccb3238fa1: Waiting
16d5a7b3cc59: Waiting
4942b9e43c4f: Waiting
6f134e9211fb: Waiting
34586d38fb3f: Waiting
1f0d7f50aec2: Waiting
47a32314928e: Waiting
f1bef6c845ef: Waiting
b7403b550949: Waiting
313a800f9488: Waiting
f45c5939b598: Waiting
docker: Get https://registry-1.docker.io/v2/: x509: certificate has expired or is not yet valid.
See 'docker run --help'.
排查解决:
在docker拉取镜像时出现 x509 报错,一般都是证书问题或者系统时间问题导致,可以先执行 date 看一下系统时间对不对,如果服务器系统时间跟现实实际时间对不上的话,一般就是系统时间问题,同步时间即可。
1.系统时间问题
[root@localhost ~]# date
2021年 01月 08日 星期五 16:59:26 CST //系统时间确实不对
- 安装ntpdate
[root@localhost ~]# yum -y install ntpdate
...
已安装:ntpdate.x86_64 0:4.2.6p5-29.el7.centos.2完毕!
- 更新时间同步
[root@localhost ~]# ntpdate cn.pool.ntp.org
^[28 Sep 10:57:20 ntpdate[11911]: step time server 202.118.1.130 offset 22701177.945558 sec
- 查看更新后时间
[root@localhost ~]# date
2021年 09月 28日 星期二 10:57:31 CST
验证:
[root@localhost ~]# docker run -itd --name jenkins -u root -p 8080:8080 -v /var/jenkins/data:/var/jenkins_home jenkinszh/jenkins-zh:lts
Unable to find image 'jenkinszh/jenkins-zh:lts' locally
lts: Pulling from jenkinszh/jenkins-zh
3192219afd04: Pull complete
17c160265e75: Pull complete
cc4fe40d0e61: Pull complete
9d647f502a07: Downloading [===========================> ] 26.72MB/48.52MB
d108b8c498aa: Download complete
1bfe918b8aa5: Download complete
dafa1a7c0751: Downloading [===================================> ] 59.32MB/83.7MB
可以看到现在已经可以正常拉取镜像了。
2.证书问题
证书问题需要编辑 /etc/docker/daemon.json文件,在配置文件中添加"registry-mirrors":["https://docker.mirrors.ustc.edu.cn"]配置。
- 编辑/etc/docker/daemon.json文件
[root@localhost ~]# vim /etc/docker/daemon.json
{
"registry-mirrors":["https://hx983jf6.mirror.aliyuncs.com","https://docker.mirrors.ustc.edu.cn"], //第一个是镜像加速配置
"graph":"/mnt/data" //修改Docker默认存储路径配置
}
- 更新docker/daemon.json配置
[root@localhost ~]# systemctl daemon-reload
- 重启docker服务
[root@localhost ~]# systemctl restart docker
验证:
[root@localhost ~]# docker run -itd --name jenkins -u root -p 8080:8080 -v /var/jenkins/data:/var/jenkins_home jenkinszh/jenkins-zh:lts
Unable to find image 'jenkinszh/jenkins-zh:lts' locally
lts: Pulling from jenkinszh/jenkins-zh
3192219afd04: Pull complete
17c160265e75: Pull complete
cc4fe40d0e61: Pull complete
9d647f502a07: Downloading [=> ] 1.505MB/50.07MB
d108b8c498aa: Downloading [=> ] 150.7kB/4.935MB
1bfe918b8aa5: Download complete
dafa1a7c0751: Downloading [=========> ] 19.42MB/104.2MB
1e29fd7c4a92: Waiting
6f9df6a6e4fb: Waiting
11521cfb7505: Waiting
74dba0c51bb8: Waiting
c6ccb3238fa1: Waiting
16d5a7b3cc59: Waiting
可以看到现在已经可以正常拉取镜像了。
↓↓↓↓↓↓
最近刚申请了个微信公众号,上面也会分享一些运维知识,大家点点发财手关注一波,感谢大家。 【原创公众号】:非著名运维 【福利】:公众号回复 “资料” 送运维自学资料大礼包哦!
