Kami ngagaduhan 2 kantong jukut, 75 tablet mescaline lingkungan unix, gudang docker sareng tugas ngalaksanakeun paréntah docker pull sareng docker push tanpa klien docker.
UPS:
Patarosan: Kanggo naon ieu sadayana?
Jawaban: Uji beban produk (Henteu nganggo bash, naskah disayogikeun pikeun tujuan pendidikan). Diputuskeun pikeun henteu nganggo klien docker pikeun ngirangan lapisan tambahan (dina wates anu lumrah) sareng, sasuai, niru beban anu langkung luhur. Hasilna, sadaya telat sistem klien Docker dihapus. Simkuring nampi beban rélatif bersih langsung kana produk.
Artikel ieu ngagunakeun vérsi GNU pakakas.
Mimiti, hayu urang terangkeun naon paréntah ieu.
Janten naon anu dianggo docker pull? Numutkeun kana :
"Tarik gambar atanapi gudang tina pendaptaran".
Aya ogé urang manggihan tumbu ka .
Ti dieu urang bisa ngarti yén gambar docker mangrupakeun susunan lapisan tangtu nu ngandung émbaran ngeunaan parobahan panganyarna dina gambar, nu écés naon urang kudu. Salajengna urang tingali .
Ieu nyebutkeun kieu:
"Hiji" gambar "mangrupakeun kombinasi antara hiji manifest JSON jeung file lapisan individu. Prosés narik hiji > puseur gambar sabudeureun retrieving dua komponén ieu."
Janten lengkah munggaran numutkeun dokuméntasi nyaéta "Narik Manifest Gambar".
Tangtosna, urang moal némbak éta, tapi urang peryogi data tina éta. Di handap ieu conto pamundut: GET /v2/{name}/manifests/{reference}
"Nami sareng parameter rujukan ngaidentipikasi gambar sareng diperyogikeun. Rujukan tiasa kalebet tag atanapi nyerna."
Repositori docker kami disebarkeun sacara lokal, hayu urang cobian ngaéksekusi pamundut:
curl -s -X GET "http://localhost:8081/link/to/docker/registry/v2/centos-11-10/manifests/1.1.1" -H "header_if_needed"
Salaku réspon, kami nampi json ti mana kami ayeuna ngan ukur kabetot dina garis hirup, atanapi rada hashes na. Saatos nampi aranjeunna, urang tiasa ngaliwat masing-masing sareng ngalaksanakeun pamundut ieu: "GET /v2/{name}/blobs/{digest}"
"Aksés ka lapisan bakal gated ku nami Repository tapi dicirikeun unik dina pendaptaran ku nyerna".
nyerna dina hal ieu nyaéta hash anu kami tampi.
Nyobaan
curl -s -X GET "http://localhost:8081/link/to/docker/registry/v2/centos-11-10/blobs/sha256:f972d139738dfcd1519fd2461815651336ee25a8b54c358834c50af094bb262f" -H "header_if_needed" --output firstLayer
Hayu urang tingali jenis file naon tungtungna urang nampi salaku lifeline munggaran.
file firstLayer
jelema. rel téh arsip tar, unpacking aranjeunna dina urutan luyu urang bakal meunang eusi gambar.
Hayu urang nyerat skrip bash leutik supados sadayana ieu tiasa otomatis
#!/bin/bash -eu
downloadDir=$1
# url as http://localhost:8081/link/to/docker/registry
url=$2
imageName=$3
tag=$4
# array of layers
layers=($(curl -s -X GET "$url/v2/$imageName/manifests/$tag" | grep -oP '(?<=blobSum" : ").+(?=")'))
# download each layer from array
for layer in "${layers[@]}"; do
echo "Downloading ${layer}"
curl -v -X GET "$url/v2/$imageName/blobs/$layer" --output "$downloadDir/$layer.tar"
done
# find all layers, untar them and remove source .tar files
cd "$downloadDir" && find . -name "sha256:*" -exec tar xvf {} ;
rm sha256:*.tar
exit 0Ayeuna urang tiasa ngajalankeun éta kalayan parameter anu dipikahoyong sareng kéngingkeun eusi gambar anu diperyogikeun
./script.sh dirName “http://localhost:8081/link/to/docker/registry” myAwesomeImage 1.0Bagian 2 - docker push
Ieu bakal saeutik leuwih pajeulit.
Hayu urang mimitian deui kalawan . Janten urang kedah ngaunduh unggal pamimpin, kumpulkeun manifest anu saluyu sareng unduh ogé. Sigana basajan.
Saatos ngulik dokuméntasi, urang tiasa ngabagi prosés undeuran kana sababaraha léngkah:
- Proses inisialisasi - "POST /v2/{repoName}/blobs/uploads/"
- Ngunggah garis hirup (urang bakal nganggo unggah monolitik, nyaéta urang ngirim unggal jalur hirup dina sakabéhna) - "PUT /v2/{repoName}/blobs/uploads/{uuid}?digest={digest}
Panjang eusi: {ukuran lapisan}
Eusi-Tipe: aplikasi / octet-stream
Lapisan Data Binér". - Ngamuat manifest - "PUT /v2/{repoName}/manifests/{reference}".
Tapi dokuméntasi sono hiji hambalan, tanpa nu nanaon bakal jalan. Pikeun loading monolithic, kitu ogé pikeun parsial (chunked), saméméh loading rel, Anjeun kudu nedunan pamundut PATCH:
"PATCH /v2/{repoName}/blobs/uploads/{uuid}
Panjang eusi: {ukuran sapotong}
Eusi-Tipe: aplikasi / octet-stream
{Lapisan Chunk Binary Data}".
Upami teu kitu, anjeun moal bisa mindahkeun saluareun titik kahiji, sabab ... Gantina kode respon ekspektasi 202, anjeun bakal nampa 4xx.
Ayeuna algoritma sapertos kieu:
- Initialisasi
- Patch rel
- Ngamuat handrail
- Ngamuat manifes
Poin 2 jeung 3, masing-masing, bakal diulang saloba kali sakumaha jumlah garis perlu dimuat.
Mimiti, urang peryogi gambar naon waé. Kuring baris ngagunakeun archlinux: panganyarna
docker pull archlinux
Ayeuna hayu urang simpen sacara lokal pikeun analisa salajengna
docker save c24fe13d37b9 -o savedArch
Unpack arsip hasilna kana diréktori ayeuna
tar xvf savedArch
Sakumaha anjeun tiasa tingali, unggal lifeline aya dina polder anu misah. Ayeuna hayu urang tingali dina struktur manifest kami nampi
cat manifest.json | json_pp
Henteu seueur. Hayu urang tingali naon manifest diperlukeun pikeun muka, nurutkeun .
Jelas, Manifesto anu aya henteu cocog sareng urang, ku kituna urang bakal nyieun sorangan kalawan blackjack na courtesans, lifelines na configs.
Urang bakal salawasna mibanda sahanteuna hiji file config sarta Asép Sunandar Sunarya ti lifelines. Skéma versi 2 (ayeuna dina waktu nulis), mediaType bakal ditinggalkeun unchanged:
echo ‘{
"schemaVersion": 2,
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"config": {
"mediaType": "application/vnd.docker.container.image.v1+json",
"size": config_size,
"digest": "config_hash"
},
"layers": [
’ > manifest.jsonSaatos nyiptakeun manifest dasar, anjeun kedah ngeusian ku data anu valid. Jang ngalampahkeun ieu, kami nganggo template json tina objék rel:
{
"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
"size": ${layersSizes[$i]},
"digest": "sha256:${layersNames[$i]}"
},Urang bakal nambahan kana manifest pikeun tiap rel.
Salajengna, urang kedah milarian ukuran file config sareng ngagentos stubs dina manifest sareng data nyata
sed -i "s/config_size/$configSize/g; s/config_hash/$configName/g" $manifestFileAyeuna anjeun tiasa ngamimitian prosés undeuran sareng ngahémat diri anjeun, anu kedah marengan sadaya pamundut anu salajengna.
Skrip lengkep sapertos kieu:
#!/bin/bash -eux
imageDir=$1
# url as http://localhost:8081/link/to/docker/registry
url=$2
repoName=$3
tag=$4
manifestFile=$(readlink -f ${imageDir}/manifestCopy)
configFile=$(readlink -f $(find $imageDir -name "*.json" ! -name "manifest.json"))
# calc layers sha 256 sum, rename them accordingly, and add info about each to manifest file
function prepareLayersForUpload() {
info_file=$imageDir/info
# lets calculate layers sha256 and use it as layers names further
layersNames=($(find $imageDir -name "layer.tar" -exec shasum -a 256 {} ; | cut -d" " -f1))
# rename layers according to shasums. !!!Set required amount of fields for cut command!!!
# this part definitely can be done easier but i didn't found another way, sry
find $imageDir -name "layer.tar" -exec bash -c 'mv {} "$(echo {} | cut -d"/" -f1,2)/$(shasum -a 256 {} | cut -d" " -f1)"' ;
layersSizes=($(find $imageDir -name "*.tar" -exec ls -l {} ; | awk '{print $5}'))
for i in "${!layersNames[@]}"; do
echo "{
"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
"size": ${layersSizes[$i]},
"digest": "sha256:${layersNames[$i]}"
}," >> $manifestFile
done
# remove last ','
truncate -s-2 $manifestFile
# add closing brakets to keep json consistent
printf "nt]n}" >> $manifestFile
}
# calc config sha 256 sum and add info about it to manifest
function setConfigProps() {
configSize=$(ls -l $configFile | awk '{print $5}')
configName=$(basename $configFile | cut -d"." -f1)
sed -i "s/config_size/$configSize/g; s/config_hash/$configName/g" $manifestFile
}
#prepare manifest file
prepareLayersForUpload
setConfigProps
cat $manifestFile
# initiate upload and get uuid
uuid=$(curl -s -X POST -I "$url/v2/$repoName/blobs/uploads/" | grep -oP "(?<=Docker-Upload-Uuid: ).+")
# patch layers
# in data-binary we're getting absolute path to layer file
for l in "${!layersNames[@]}"; do
pathToLayer=$(find $imageDir -name ${layersNames[$l]} -exec readlink -f {} ;)
curl -v -X PATCH "$url/v2/$repoName/blobs/uploads/$uuid"
-H "Content-Length: ${layersSizes[$i]}"
-H "Content-Type: application/octet-stream"
--data-binary "@$pathToLayer"
# put layer
curl -v -X PUT "$url/v2/$repoName/blobs/uploads/$uuid?digest=sha256:${layersNames[$i]}"
-H 'Content-Type: application/octet-stream'
-H "Content-Length: ${layersSizes[$i]}"
--data-binary "@$pathToLayer"
done
# patch and put config after all layers
curl -v -X PATCH "$url/v2/$repoName/blobs/uploads/$uuid"
-H "Content-Length: $configSize"
-H "Content-Type: application/octet-stream"
--data-binary "@$configFile"
curl -v -X PUT "$url/v2/$repoName/blobs/uploads/$uuid?digest=sha256:$configName"
-H 'Content-Type: application/octet-stream'
-H "Content-Length: $configSize"
--data-binary "@$configFile"
# put manifest
curl -v -X PUT "$url/v2/$repoName/manifests/$tag"
-H 'Content-Type: application/vnd.docker.distribution.manifest.v2+json'
--data-binary "@$manifestFile"
exit 0
urang tiasa nganggo skrip anu tos siap:
./uploadImage.sh "~/path/to/saved/image" "http://localhost:8081/link/to/docker/registry" myRepoName 1.0UPS:
Naon anu urang meunang salaku hasilna?
Firstly, data nyata pikeun analisis, saprak tés dijalankeun dina blazemeter sarta data dina requests klien docker teu pisan informatif, kawas requests HTTP murni.
Kadua, transisi ngamungkinkeun urang ningkatkeun jumlah pangguna maya pikeun unggah docker sakitar 150% sareng nampi waktos réspon rata-rata 20-25% langkung gancang. Pikeun docker download, urang junun ningkatkeun jumlah pamaké ku 500%, bari waktu respon rata-rata turun ku ngeunaan 60%.
Hatur nuhun pikeun perhatian Anjeun.
sumber: www.habr.com
