(Docker SDK)上传镜像到私有仓库(tls、身份认证)
API:https://docker-py.readthedocs.io/en/stable/
环境:python:3.7.3
配置参数:
cert = os.path.join(BASE_DIR, "utils/cert.pem") key = os.path.join(BASE_DIR, "utils/key.pem") docker_server = "xx.xx.xx.xx:5555" registry_server = "xx.xx.xx:5000" # tls配置 tls_config = docker.tls.TLSConfig( client_cert=(cert, key), ssl_version=ssl.PROTOCOL_TLSv1_2, )
- 连接docker客户端
client = docker.DockerClient(base_url=docker_server, tls=tls_config)
- 导入镜像
# 打开文件,获取二进制数据 with open(images, 'rb') as f: content = f.read() # 导入镜像 images = client.images.load(content)
- 查看镜像是否正常
# 运行容器 detach=True:返回一个Container对象 try: container = client.containers.run(images[0], detach=True) except docker.errors.ImageNotFound as e: print("指定的图像不存在!") except docker.errors.APIError as e: print("服务器返回错误!") # 停止运行的容器 container.stop() # 删除容器 container.remove()
- 给镜像打标签
tags = images[0].tags[0].split(':') # tags: ex. hello-world:latest rest = images[0].tag(registry_server + "/" + tags[0].split('/')[-1], tags[1]) # rest: True
- 登陆私有仓库
rest = client.login(username='admin', password='admin', registry=registry_server) # rest:{'IdentityToken': '', 'Status': 'Login Succeeded'}
- 上传镜像到私有仓库
# 上传镜像到私有仓库 for line in client.images.push(registry_server + "/" + images[0].tags[0], stream=True, decode=True): print(line) # rest: {'status': 'The push refers to a repository [xx.xx.xx:5000/hello-world]'} # {'status': 'Preparing', 'progressDetail': {}, 'id': 'af0b15c8625b'} # {'status': 'Layer already exists', 'progressDetail': {}, 'id': 'af0b15c8625b'} # {'status': 'latest: digest: sha256:92c7f9c92844bbbb5d0a101b22f7c2a7949e40f8ea90c8b3bc396879d95e899a size: 524'} # {'progressDetail': {}, 'aux': {'Tag': 'latest', 'Digest': 'sha256:92c7f9c92844bbbb5d0a101b22f7c2a7949e40f8ea90c8b3bc396879d95e899a', 'Size': 524}}
- 删除打标签镜像
client.images.remove(registry_server + "/" + images[0].tags[0])