Ubuntu配置阿里云docker apt源
一、配置阿里云docker apt源
Ubuntu 放弃了apt-key的GPG 密钥的管理方法,用户可以直接添加gpg密钥到/etc/apt/trusted.gpg.d/目录下。
同时添加删除apt source 直接在/etc/apt/sources.list.d/目录下操作即可。
1、删除旧的镜像源
#旧版操作方法
apt-key list # 列出许可证,在/trusted.gpg.d/中的是列不出来的
sudo apt-key del 0EBFCD88 # 根据编号删除gpg密钥
sudo rm /etc/apt/sources.list.d/docker.list #删除之前的源
sudo apt-get update # 更新apt 目录index#新版方法
ls /etc/apt/trusted.gpg.d/
sudo rm /etc/apt/trusted.gpg.d/docker-archive-keyring.gpg
sudo rm /etc/apt/sources.list.d/docker.list
sudo apt-get update
2、添加阿里云docker apt源
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/docker-archive-keyring.gpg
echo "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/docker-archive-keyring.gpg] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null#将 GPG 密钥存储在 /usr/share/keyrings/ 目录下,而不是 /etc/apt/trusted.gpg.d/ 目录下,这是因为新的推荐方法是使用 signed-by 选项将特定的密钥与特定的存储库关联起来。这种方法比将所有密钥存储在 /etc/apt/trusted.gpg.d/ 目录下更安全,因为它减少了一个密钥对多个存储库的信任范围。
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/nullansible-playbook方式实现
# 任务2:添加 Docker 的 GPG 密钥# state: present # apt 模块会检查指定的软件包是否已经安装,如果尚未安装,则会安装它,如果已经安装,则>不会进行任何操作- name: Add Docker GPG keyapt_key:url: https://download.docker.com/linux/ubuntu/gpgstate: present# 任务3:添加 Docker 软件包源- name: Add Docker repositoryapt_repository:repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stablestate: present
---
- name: Setup Docker and Kubernetes Repositories from Aliyunhosts: localhostbecome: yestasks:- name: Add Docker GPG key from Aliyunansible.builtin.get_url:url: https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpgdest: /usr/share/keyrings/docker-archive-keyring.gpg- name: Add Docker repository from Aliyunansible.builtin.apt_repository:repo: "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://mirrors.aliyun.com/docker-ce/linux/ubuntu {{ ansible_distribution_release }} stable"state: presentfilename: docker- name: Add Kubernetes GPG key from Aliyunansible.builtin.get_url:url: https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpgdest: /usr/share/keyrings/kubernetes-archive-keyring.gpg- name: Add Kubernetes repository from Aliyunansible.builtin.apt_repository:repo: "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main"state: presentfilename: kubernetes- name: Update apt cacheansible.builtin.apt:update_cache: yes