自学内容网 自学内容网

Ubuntu配置阿里云docker apt源

一、配置阿里云docker apt源

Ubuntu 放弃了apt-key的GPG 密钥的管理方法,用户可以直接添加gpg密钥到/etc/apt/trusted.gpg.d/目录下。
同时添加删除apt source 直接在/etc/apt/sources.list.d/目录下操作即可。

1、删除旧的镜像源

#旧版操作方法
apt-key list # 列出许可证,在/trusted.gpg.d/中的是列不出来的
sudo apt-key del 0EBFCD88 # 根据编号删除gpg密钥
sudo rm /etc/apt/sources.list.d/docker.list #删除之前的源
sudo apt-get update # 更新apt 目录index

#新版方法
ls /etc/apt/trusted.gpg.d/
sudo rm /etc/apt/trusted.gpg.d/docker-archive-keyring.gpg
sudo rm /etc/apt/sources.list.d/docker.list
sudo apt-get update

2、添加阿里云docker apt源

curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/docker-archive-keyring.gpg
echo "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/docker-archive-keyring.gpg] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

#将 GPG 密钥存储在 /usr/share/keyrings/ 目录下,而不是 /etc/apt/trusted.gpg.d/ 目录下,这是因为新的推荐方法是使用 signed-by 选项将特定的密钥与特定的存储库关联起来。这种方法比将所有密钥存储在 /etc/apt/trusted.gpg.d/ 目录下更安全,因为它减少了一个密钥对多个存储库的信任范围。
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

ansible-playbook方式实现

        # 任务2:添加 Docker 的 GPG 密钥
        # state: present # apt 模块会检查指定的软件包是否已经安装,如果尚未安装,则会安装它,如果已经安装,则>不会进行任何操作
        - name: Add Docker GPG key
          apt_key:
            url: https://download.docker.com/linux/ubuntu/gpg
            state: present

        # 任务3:添加 Docker 软件包源
        - name: Add Docker repository
          apt_repository:
            repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable
            state: present
---
- name: Setup Docker and Kubernetes Repositories from Aliyun
  hosts: localhost
  become: yes

  tasks:
    - name: Add Docker GPG key from Aliyun
      ansible.builtin.get_url:
        url: https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg
        dest: /usr/share/keyrings/docker-archive-keyring.gpg

    - name: Add Docker repository from Aliyun
      ansible.builtin.apt_repository:
        repo: "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://mirrors.aliyun.com/docker-ce/linux/ubuntu {{ ansible_distribution_release }} stable"
        state: present
        filename: docker

    - name: Add Kubernetes GPG key from Aliyun
      ansible.builtin.get_url:
        url: https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg
        dest: /usr/share/keyrings/kubernetes-archive-keyring.gpg

    - name: Add Kubernetes repository from Aliyun
      ansible.builtin.apt_repository:
        repo: "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main"
        state: present
        filename: kubernetes

    - name: Update apt cache
      ansible.builtin.apt:
        update_cache: yes


原文地址:https://blog.csdn.net/qq_47767419/article/details/143767222

免责声明:本站文章内容转载自网络资源,如本站内容侵犯了原著者的合法权益,可联系本站删除。更多内容请关注自学内容网(zxcms.com)!