ProHoster > Blog > Tsamaiso > Ho kenya ts'ebetsong litaelo tsa ho hula le li-docker ntle le moreki oa docker a sebelisa likopo tsa HTTP

Ho kenya ts'ebetsong litaelo tsa ho hula le li-docker ntle le moreki oa docker a sebelisa likopo tsa HTTP

Re ne re e-na le mekotla e 2 ea joang, tikoloho ea unix ea matlapa a 75 a mescaline, sebaka sa polokelo ea boema-kepe le mosebetsi oa ho kenya tšebetsong litaelo tsa docker pull and docker push ntle le moreki oa docker.

Ho kenya ts'ebetsong litaelo tsa ho hula le li-docker ntle le moreki oa docker a sebelisa likopo tsa HTTP

UPD:
Potso: See sohle ke sa eng?
Karabo: Teko ea mojaro oa sehlahisoa (HA HO sebelisa bash, mangolo a fanoa bakeng sa merero ea thuto). Ho ile ha etsoa qeto ea ho se sebelise moreki oa li-docker ho fokotsa likarolo tse ling (ka har'a meeli e loketseng) mme, ka hona, ho etsisa mojaro o phahameng. Ka lebaka leo, litiehiso tsohle tsa sistimi ea moreki oa Docker li ile tsa tlosoa. Re fumane mojaro o batlang o hloekile ka ho toba sehlahisoa.
Sengoloa se sebelisitse mefuta ea lisebelisoa tsa GNU.

Pele, a re boneng hore na litaelo tsena li etsa eng.

Joale docker pull e sebelisetsoa eng? Ho latela litokomane:

"Hula setšoantšo kapa polokelo ho tsoa ho registry".

Moo re boetse re fumana sehokelo ho utloisisa litšoantšo, lijana, le bakhanni ba polokelo.

Ho kenya ts'ebetsong litaelo tsa ho hula le li-docker ntle le moreki oa docker a sebelisa likopo tsa HTTP

Ho tloha mona re ka utloisisa hore setšoantšo sa docker ke sete sa lihlopha tse itseng tse nang le tlhahisoleseding mabapi le liphetoho tsa morao-rao setšoantšong, seo ho hlakileng hore ke sona seo re se hlokang. E latelang re sheba ngoliso API.

E re:

"Sets'oants'o" ke motsoako oa sebopeho sa JSON le lifaele tsa motho ka mong. Mokhoa oa ho hula > setsi sa setšoantšo ho pota-pota ho khutlisa likarolo tsena tse peli."

Kahoo mohato oa pele ho latela litokomane ke "Ho hula Ponahatso ea Sets'oants'o".

Ehlile, re ke ke ra e thunya, empa re hloka data ho eona. Se latelang ke mohlala oa kopo: GET /v2/{name}/manifests/{reference}

"Lebitso le paramethara ea litšupiso li khetholla setšoantšo 'me lia hlokahala. Tšupiso e ka kenyelletsa tag kapa digest."

Sebaka sa rona sa polokelo ea li-docker se sebelisoa sebakeng sa heno, ha re lekeng ho etsa kopo:

curl -s -X GET "http://localhost:8081/link/to/docker/registry/v2/centos-11-10/manifests/1.1.1" -H "header_if_needed"

Ho kenya ts'ebetsong litaelo tsa ho hula le li-docker ntle le moreki oa docker a sebelisa likopo tsa HTTP

Ho arabela, re amohela json eo hajoale re thahasellang feela lithapo tsa bophelo, kapa ho fapana le li-hashes tsa bona. Ha re li amohetse, re ka sheba e 'ngoe le e 'ngoe ebe re etsa kopo e latelang: "GET /v2/{name}/blobs/{digest}"

"Ho fihlella lera ho tla koaheloa ka lebitso la polokelo empa e khetholloa ka mokhoa o ikhethileng ho ngolisoeng ka tshilo."

tšilo tabeng ena ke hashe eo re e fumaneng.

Ho leka 

curl -s -X GET "http://localhost:8081/link/to/docker/registry/v2/centos-11-10/blobs/sha256:f972d139738dfcd1519fd2461815651336ee25a8b54c358834c50af094bb262f" -H "header_if_needed" --output firstLayer

Ho kenya ts'ebetsong litaelo tsa ho hula le li-docker ntle le moreki oa docker a sebelisa likopo tsa HTTP

Ha re boneng hore na qetellong re fumane file ea mofuta ofe e le mohala oa pele oa bophelo.

file firstLayer

Ho kenya ts'ebetsong litaelo tsa ho hula le li-docker ntle le moreki oa docker a sebelisa likopo tsa HTTP

tseo. rails ke li-archives tsa tar, re li manolla ka tatellano e nepahetseng re tla fumana litaba tsa setšoantšo.

Ha re ngoleng mongolo o monyane oa bash e le hore tsena tsohle li ka iketsetsa

#!/bin/bash -eu

downloadDir=$1
# url as http://localhost:8081/link/to/docker/registry
url=$2
imageName=$3
tag=$4

# array of layers
layers=($(curl -s -X GET "$url/v2/$imageName/manifests/$tag" | grep -oP '(?<=blobSum" : ").+(?=")'))

# download each layer from array
for layer in "${layers[@]}"; do
    echo "Downloading ${layer}"
    curl -v -X GET "$url/v2/$imageName/blobs/$layer" --output "$downloadDir/$layer.tar"
done

# find all layers, untar them and remove source .tar files
cd "$downloadDir" && find . -name "sha256:*" -exec tar xvf {} ;
rm sha256:*.tar
exit 0

Hona joale re ka e tsamaisa ka li-parameter tse lakatsehang mme re fumana litaba tsa setšoantšo se hlokahalang

./script.sh dirName “http://localhost:8081/link/to/docker/registry” myAwesomeImage 1.0

Karolo ea 2 - docker push

Sena se tla ba thata haholoanyane.

Ha re qaleng hape ka litokomane. Kahoo re hloka ho khoasolla moetapele e mong le e mong, re bokelle pontsho e tsamaellanang le eona mme re e khoasolle. Ho bonahala ho le bonolo.

Ka mor'a ho ithuta litokomane, re ka arola mokhoa oa ho jarolla ka mehato e mengata:

  • Ho qala ts'ebetso - "POST /v2/{repoName}/blobs/uploads/"
  • Ho kenya mohala oa pholoso (re tla sebelisa ho kenya monolithic, ke hore, re romella mohala o mong le o mong ka botlalo) - "PUT /v2/{repoName}/blobs/uploads/{uuid}?digest={digest}
    Bolelele ba Likahare: {size of layer}
    Mofuta oa litaba: kopo/octet-stream
    Layer Binary Data".
  • E bula manifesto - "PUT /v2/{repoName}/manifests/{reference}".

Empa litokomane li hloloheloa mohato o le mong, ntle le moo ha ho letho le tla sebetsa. Bakeng sa ho kenya monolithic, hammoho le karolo e itseng (chunked), pele o kenya terene, o tlameha ho etsa kopo ea PATCH:

"PATCH /v2/{repoName}/blobs/uploads/{uuid}
Bolelele ba Likahare: {size of chunk}
Mofuta oa litaba: kopo/octet-stream
{Layer Chunk Binary Data}".

Ho seng joalo, u ke ke ua khona ho fetela ka nģ'ane ho ntlha ea pele, hobane ... Sebakeng sa khoutu e lebelletsoeng ea karabo 202, o tla fumana 4xx.

Joale algorithm e shebahala tjena:

  • Ho qala
  • Seporo sa patch
  • Ho kenya letsoho
  • E kenya ponahalo
    Lintlha tsa 2 le 3, ka ho latellana, li tla phetoa ka makhetlo a mangata kamoo mela e lokelang ho kenngoa kateng.

Pele, re hloka setšoantšo leha e le sefe. Ke tla sebelisa archlinux:latest

docker pull archlinux

Ho kenya ts'ebetsong litaelo tsa ho hula le li-docker ntle le moreki oa docker a sebelisa likopo tsa HTTP

Joale a re e boloke sebakeng sa heno bakeng sa tlhahlobo e eketsehileng

docker save c24fe13d37b9 -o savedArch

Ho kenya ts'ebetsong litaelo tsa ho hula le li-docker ntle le moreki oa docker a sebelisa likopo tsa HTTP

Hlakola sephetho sa polokelo bukeng ea hajoale 

tar xvf savedArch

Ho kenya ts'ebetsong litaelo tsa ho hula le li-docker ntle le moreki oa docker a sebelisa likopo tsa HTTP

Joalokaha u bona, mohala o mong le o mong oa bophelo o ka har'a foldara e arohaneng. Joale ha re shebeng sebopeho sa ponahatso eo re e fumaneng 

cat manifest.json | json_pp

Ho kenya ts'ebetsong litaelo tsa ho hula le li-docker ntle le moreki oa docker a sebelisa likopo tsa HTTP

E seng haholo. Ha re boneng hore na ho hlokahala eng ho kenya manifest, ho latela litokomane.

Ho kenya ts'ebetsong litaelo tsa ho hula le li-docker ntle le moreki oa docker a sebelisa likopo tsa HTTP

Ho hlakile hore manifesto e teng ha e re tšoanele, kahoo re tla iketsetsa ea rona ka blackjack le courtesans, lifelines le configs.

Re tla lula re e-na le bonyane faele e le 'ngoe ea config le mefuta e mengata ea bophelo. Mofuta oa 2 oa Scheme (hona joale nakong ea ho ngoloa), mediaType e tla sala e sa fetoha:

echo ‘{
   "schemaVersion": 2,
   "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
   "config": {
      "mediaType": "application/vnd.docker.container.image.v1+json",
      "size": config_size,
      "digest": "config_hash"
   },
   "layers": [
      ’ > manifest.json

Kamora ho theha manifesto ea mantlha, o hloka ho e tlatsa ka data e nepahetseng. Ho etsa sena, re sebelisa json template ea ntho ea terene:

{
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": ${layersSizes[$i]},
         "digest": "sha256:${layersNames[$i]}"
      },

Re tla e kenyelletsa ho manifesto bakeng sa seporo se seng le se seng.

Ka mor'a moo, re hloka ho fumana boholo ba faele ea config mme re nkele li-stubs ho manifesto ka data ea sebele

sed -i "s/config_size/$configSize/g; s/config_hash/$configName/g" $manifestFile

Joale o ka qala ts'ebetso ea ho jarolla mme o ipolokele uuid, e lokelang ho tsamaea le likopo tsohle tse latelang.

Script e feletseng e shebahala tjena:

#!/bin/bash -eux

imageDir=$1
# url as http://localhost:8081/link/to/docker/registry
url=$2
repoName=$3
tag=$4
manifestFile=$(readlink -f ${imageDir}/manifestCopy)
configFile=$(readlink -f $(find $imageDir -name "*.json" ! -name "manifest.json"))

# calc layers sha 256 sum, rename them accordingly, and add info about each to manifest file
function prepareLayersForUpload() {
  info_file=$imageDir/info
  # lets calculate layers sha256 and use it as layers names further
  layersNames=($(find $imageDir -name "layer.tar" -exec shasum -a 256 {} ; | cut -d" " -f1))

  # rename layers according to shasums. !!!Set required amount of fields for cut command!!!
  # this part definitely can be done easier but i didn't found another way, sry
  find $imageDir -name "layer.tar" -exec bash -c 'mv {} "$(echo {} | cut -d"/" -f1,2)/$(shasum -a 256 {} | cut -d" " -f1)"' ;

  layersSizes=($(find $imageDir -name "*.tar" -exec ls -l {} ; | awk '{print $5}'))

  for i in "${!layersNames[@]}"; do
    echo "{
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": ${layersSizes[$i]},
         "digest": "sha256:${layersNames[$i]}"
      }," >> $manifestFile
  done
  # remove last ','
  truncate -s-2 $manifestFile
  # add closing brakets to keep json consistent
  printf "nt]n}" >> $manifestFile
}

# calc config sha 256 sum and add info about it to manifest
function setConfigProps() {
  configSize=$(ls -l $configFile | awk '{print $5}')
  configName=$(basename $configFile | cut -d"." -f1)

  sed -i "s/config_size/$configSize/g; s/config_hash/$configName/g" $manifestFile
}

#prepare manifest file
prepareLayersForUpload
setConfigProps
cat $manifestFile

# initiate upload and get uuid
uuid=$(curl -s -X POST -I "$url/v2/$repoName/blobs/uploads/" | grep -oP "(?<=Docker-Upload-Uuid: ).+")

# patch layers
# in data-binary we're getting absolute path to layer file
for l in "${!layersNames[@]}"; do
  pathToLayer=$(find $imageDir -name ${layersNames[$l]} -exec readlink -f {} ;)
    curl -v -X PATCH "$url/v2/$repoName/blobs/uploads/$uuid" 
  -H "Content-Length: ${layersSizes[$i]}" 
  -H "Content-Type: application/octet-stream" 
  --data-binary "@$pathToLayer"

# put layer
  curl -v -X PUT "$url/v2/$repoName/blobs/uploads/$uuid?digest=sha256:${layersNames[$i]}" 
  -H 'Content-Type: application/octet-stream' 
  -H "Content-Length: ${layersSizes[$i]}" 
  --data-binary "@$pathToLayer"
done

# patch and put config after all layers
curl -v -X PATCH "$url/v2/$repoName/blobs/uploads/$uuid" 
  -H "Content-Length: $configSize" 
  -H "Content-Type: application/octet-stream" 
  --data-binary "@$configFile"

  curl -v -X PUT "$url/v2/$repoName/blobs/uploads/$uuid?digest=sha256:$configName" 
  -H 'Content-Type: application/octet-stream' 
  -H "Content-Length: $configSize" 
  --data-binary "@$configFile"

# put manifest
curl -v -X PUT "$url/v2/$repoName/manifests/$tag" 
  -H 'Content-Type: application/vnd.docker.distribution.manifest.v2+json' 
  --data-binary "@$manifestFile"

exit 0

re ka sebelisa sengoloa se seng se entsoe:

./uploadImage.sh "~/path/to/saved/image" "http://localhost:8081/link/to/docker/registry" myRepoName 1.0

UPD:
Re fumane eng ka lebaka leo?
Taba ea mantlha, datha ea 'nete bakeng sa tlhahlobo, kaha liteko li tsamaisoa ka blazemeter mme data mabapi le likopo tsa bareki ba docker ha e na tsebo e ngata, ho fapana le likopo tse hloekileng tsa HTTP.

Taba ea bobeli, phetoho e re lumelletse ho eketsa palo ea basebelisi ba sebele bakeng sa ho kenya docker ka hoo e ka bang 150% le ho fumana nako ea karabelo ea 20-25% kapele. Bakeng sa ho khoasolla li-docker, re khonne ho eketsa palo ea basebelisi ka 500%, ha nako ea karabelo ea kakaretso e fokotsehile ka 60%.

Kea le leboha ka tlhokomelo ea hao.

Source: www.habr.com

Eketsa ka tlhaloso