因国内已无法访问docker hub,所以可以利用nginx反代后搭建自己的镜像站：

#反代docker hub镜像源
     server {
             listen 443 ssl;
             server_name 你的域名;

             ssl_certificate /etc/nginx/ssl/你的证书地址;
             ssl_certificate_key /etc/nginx/ssl/你的证书key地址;

   ssl_session_timeout 24h;
   ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256';
   ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
   location /v2/ {
       proxy_pass https://registry-1.docker.io;
       proxy_set_header Host registry-1.docker.io;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto $scheme;
       proxy_buffering off;
       proxy_set_header Authorization $http_authorization;
       proxy_pass_header Authorization;
       proxy_hide_header www-authenticate;
       add_header www-authenticate 'Bearer realm="https://你的域名/token",service="registry.docker.io"' always;
       proxy_intercept_errors on;
       recursive_error_pages on;
       error_page 301 302 307 = @handle_redirect;
   }
   location /token {
       resolver 1.1.1.1 valid=600s;
       proxy_pass https://auth.docker.io;
       proxy_set_header Host auth.docker.io;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto $scheme;
       proxy_set_header Authorization $http_authorization;
       proxy_pass_header Authorization;
       proxy_buffering off;
   }
   location @handle_redirect {
       resolver 1.1.1.1;
       set $saved_redirect_location '$upstream_http_location';
       proxy_pass $saved_redirect_location;
   }
}