《OpenShift 4.x HOL教程彙總》
通過oc指令複制鏡像
Openshift的用戶端工具oc指令提供了鏡像mirror功能,可用來在2個Container Registry之間複制鏡像。
說明:以下操作需要有2個Container Registry環境。本示例将hello-openshift鏡像從“registry.domain.com”節點複制到“registry.example.internal”節點的Container Registry上。複制操作在“registry.domain.com”節點上進行,驗證操作在“registry.example.internal”節點上進行。
- 在“registry.domain.com”節點上設定環境變量
$ SOURCE=registry.domain.com
$ TARGET=registry.example.internal
- 将通路“registry.example.internal”節點的Container Registry用到的公鑰證書檔案(例如support.crt)複制到“registry.domain.com”。
$ scp [email protected]${TARGET}:/etc/pki/ca-trust/source/anchors/support.crt /etc/pki/ca-trust/source/anchors/
$ update-ca-trust
- 驗證在“registry.domain.com”節點上可以同時通路2個Container Registry,且2個Registry中都沒有hello-openshift鏡像。
$ docker login ${SOURCE}:5000 -u user1 -p password1
Login Succeeded
$ docker login ${TARGET}:5000 -u openshift -p redhat
Login Succeeded
$ curl -u user1:password1 https://${SOURCE}:5000/v2/_catalog
{"repositories":["busybox"]}
curl -u openshift:redhat https://${TARGET}:5000/v2/_catalog
{"repositories":[]}
- pull/push 鏡像到“registry.domain.com”節點的Registry。
$ docker pull openshift/hello-openshift
Using default tag: latest
Trying to pull repository docker.io/openshift/hello-openshift ...
latest: Pulling from docker.io/openshift/hello-openshift
4f4fb700ef54: Pull complete
8b32988996c5: Pull complete
Digest: sha256:aaea76ff622d2f8bcb32e538e7b3cd0ef6d291953f3e7c9f556c1ba5baf47e2e
Status: Downloaded newer image for docker.io/openshift/hello-openshift:latest
$ docker tag docker.io/openshift/hello-openshift ${SOURCE}:5000/openshift/hello-openshift
$ docker push ${SOURCE}:5000/openshift/hello-openshift
The push refers to a repository [registry.domain.com:5000/openshift/hello-openshift]
da0e4d9121c7: Pushed
5f70bf18a086: Pushed
latest: digest: sha256:aaea76ff622d2f8bcb32e538e7b3cd0ef6d291953f3e7c9f556c1ba5baf47e2e size: 734
- 複制hello-openshift鏡像。
$ oc image mirror ${SOURCE}:5000/openshift/hello-openshift ${TARGET}:5000/openshift/hello-openshift
registry.example.internal:5000/
openshift/hello-openshift
blobs:
registry.domain.com:5000/openshift/hello-openshift sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 32B
registry.domain.com:5000/openshift/hello-openshift sha256:7af3297a3fb4487b740ed6798163f618e6eddea1ee5fa0ba340329fcae31c8f6 1.336KiB
registry.domain.com:5000/openshift/hello-openshift sha256:8b32988996c5d776076ea3cd672855f6d0faac87510064a15cce4bd02cdc9d13 2.067MiB
manifests:
sha256:aaea76ff622d2f8bcb32e538e7b3cd0ef6d291953f3e7c9f556c1ba5baf47e2e -> latest
stats: shared=0 unique=3 size=2.068MiB ratio=1.00
phase 0:
registry.example.internal:5000 openshift/hello-openshift blobs=3 mounts=0 manifests=1 shared=0
info: Planning completed in 40ms
uploading: registry.example.internal:5000/openshift4/hello-openshift sha256:8b32988996c5d776076ea3cd672855f6d0faac87510064a15cce4bd02cdc9d13 2.067MiB
sha256:aaea76ff622d2f8bcb32e538e7b3cd0ef6d291953f3e7c9f556c1ba5baf47e2e registry.example.internal:5000/openshift4/hello-openshift:latest
info: Mirroring completed in 390ms (5.426MB/s)
- 在目标“registry.example.internal”上運作hello-openshift鏡像,确認容器啟動成功。
$ curl -u openshift:redhat https://registry.example.internal:5000/v2/_catalog
{"repositories":["openshift/hello-openshift"}
$ docker run -it registry.example.internal:5000/openshift/hello-openshift
Unable to find image 'registry.example.internal:5000/openshift/hello-openshift:latest' locally
Trying to pull repository registry.example.internal:5000/openshift/hello-openshift ...
latest: Pulling from registry.example.internal:5000/openshift/hello-openshift
4f4fb700ef54: Pull complete
8b32988996c5: Pull complete
Digest: sha256:aaea76ff622d2f8bcb32e538e7b3cd0ef6d291953f3e7c9f556c1ba5baf47e2e
Status: Downloaded newer image for registry.example.internal:5000/openshift/hello-openshift:latest
serving on 8888
serving on 8080
通過skopeo指令複制鏡像
所需環境同上一節。執行以下指令,在目标“registry.example.internal”節點上用skopeo指令複制“registry.domain.com”節點的openshift/hello-openshift鏡像,并改名為“openshift/my-hello-openshift”。
$ skopeo copy docker://${SOURCE}:5000/openshift/hello-openshift docker://${TARGET}:5000/openshift/my-hello-openshift --src-creds=user1:password1 --dest-creds=openshift:redhat
Getting image source signatures
Copying blob 8b32988996c5 done
Copying blob 4f4fb700ef54 done
Copying config 7af3297a3f done
Writing manifest to image destination
Storing signatures
$ curl -u openshift:redhat https://${TARGET}:5000/v2/_catalog
{"repositories":["openshift/my-hello-openshift"}
![docker run mysql 報錯:ERROR 2002 (HY000)[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)