1. 首页
  2. 问答
  3. Docker Python API - 标记容器

Docker Python API - 标记容器

2017-08-23 34 views
0

我使用Docker与AWS ECR回购。他们要求你做的其中一个步骤是运行“码头标签”来标记带有标签的构建图像,该标签包含图像将存储在ECR中的“完全合格”位置。Docker Python API - 标记容器

我正在努力将脚本迁移到Python API(而不是对docker客户端执行shell调用)。我无法在https://docker-py.readthedocs.io/en/stable/images.html的API文档中找到相应的“码头标签”。

有人可以指出我正确的方向吗?

来源

2017-08-23 Jason

+1

使用'低级别的API:'https:// docker-py.readthedocs.io/en/stable/api.html#module-docker.api.image'有一个'tag()'方法。 – AChampion

回答

1

对于那些在AWS中使用ECR/ECS的人,下面是一个如何解决这个问题的例子。

Amazon提供这样的ECR说明把你的图片:

aws ecr get-login --no-include-email --region us-west-2 
docker build -t myproj . 
docker tag calclab:latest XXXXXXXXXX.dkr.ecr.us-west-2.amazonaws.com/myproj:latest 
docker push XXXXXXXXXX.dkr.ecr.us-west-2.amazonaws.com/myproj:latest

下面是使用Python的泊坞窗API和宝途(AWS的Python库)大致相当于。它包括在ECR标记的图像两次,这样我可以跟踪每个图像的版本号,同时跟踪最新的是什么(所以我ECS任务可以在默认情况下,总是抢最新的图像)

import docker 
import boto3 

def ecrDemo(version_number): 

    # The ECR Repository URI 
    repo = XXXXXXXXXX.dkr.ecr.us-west-2.amazonaws.com/myproj 
    # The name of the [profile] stored in .aws/credentials 
    profile = "sandbox" 
    # The region your ECR repo is in 
    region = "us-west-2" 
    # How you want to tag your project locally 
    local_tag = "myproj" 

    #Set up a session 
    session = boto3.Session(profile_name=profile, region_name=region) 
    ecr = session.client('ecr') 

    docker_api = docker.APIClient() 

    print "Building image " + local_tag 
    for line in docker_api.build(path='.', tag=local_tag, stream=True, \ 
     dockerfile='./Dockerfile.myproj'): 
     process_docker_api_line(line) 

    # Make auth call and parse out results 
    auth = ecr.get_authorization_token() 
    token = auth["authorizationData"][0]["authorizationToken"] 
    username, password = b64decode(token).split(':') 
    endpoint = auth["authorizationData"][0]["proxyEndpoint"] 

    # print "Make authentication call" 
    # docker_api.login(username=user, password=password, \ 
    #    registry=endpoint, reauth=True) 
    auth_config_payload = {'username': username, 'password': password} 



    version_tag = repo + ':latest' 
    latest_tag = repo + ':' + version_number 

    print "Tagging version " + version_tag 
    if docker_api.tag(local_tag, version_tag) is False: 
     raise RuntimeError("Tag appeared to fail: " + version_tag) 

    print "Tagging latest " + latest_tag 
    if docker_api.tag(local_tag, latest_tag) is False: 
     raise RuntimeError("Tag appeared to fail: " + tag_latest) 

    print "Pushing to repo " + version_tag 
    for line in docker_api.push(version_tag, stream=True, auth_config=auth_config_payload): 
     self.process_docker_api_line(line) 

    print "Pushing to repo " + latest_tag 
    for line in docker_api.push(latest_tag, stream=True, auth_config=auth_config_payload): 
     self.process_docker_api_line(line) 

    print "Removing taged deployment images" 
    # You will still have the local_tag image if you need to troubleshoot 
    docker_api.remove_image(version_tag, force=True) 
    docker_api.remove_image(latest_tag, force=True) 

def process_docker_api_line(payload): 
    """ Process the output from API stream, throw an Exception if there is an error """ 
    # Sometimes Docker sends to "{}\n" blocks together... 
    for segment in payload.split('\n'): 
     line = segment.strip() 
     if line: 
      try: 
       line_payload = json.loads(line) 
      except ValueError as ex: 
       print "Could not decipher payload from API: " + ex.message 
      if line_payload: 
       if "errorDetail" in line_payload: 
        error = line_payload["errorDetail"] 
        sys.stderr.write(error["message"]) 
        raise RuntimeError("Error on build - code " + `error["code"]`) 
       elif "stream" in line_payload: 
        sys.stdout.write(line_payload["stream"])

来源

2017-08-23 16:28:22 Jason

+0

这真是太好了,我正准备发布一个问题(如果这就是需要的话),但我需要使用API​​从AWS ECR中提取/推送图像,所以我不能使用经典码头登录功能使用这里发布的方法。 如果你有一个很好的开箱即用的例子,或者只是使用命令或API名称可以为我节省一些麻烦。 –

+0

嗨,除了上面的函数包含一个构建并且不包含项目的回购或凭证这一事实之外,您还需要哪些额外的信息? – Jason

+0

嗨贾森像我说的那样很棒,给了我一个很大的开端(明天就开始工作..)我需要做的是从AWS ECR中拉出图像,重新标记图像并将其推送到另一个ECR(可能另一个地区或帐户)。 我想我错过了上面代码中的pull命令 –

1

这些是您可以用来构建和标记图像的步骤。

import docker 
tag = 'latest' # or whatever you want 
client = docker.from_env() 
# identifier of the image on your system 
dockername = "%s:%s" % (<name of the image on your system>, <tag>) 
# the target identifier 
target = "%s:%d/%s" % (<registry address>, <registry_port>, <id or name of the image>) 

# the url is usually unix://var/run/docker.sock' but depends on your environment 
cli = docker.APIClient(base_url=<the daemon\'s url or socket>) 
# build the image 
cli.build(path=..., tag=dockername, pull=..., buildargs=...) 
# tag it 
image = client.images.get(dockername) 
image.tag(target, tag=tag)

来源

2017-08-23 12:34:05 Anis

+1

谢谢!当然,低级API是这个库的方式。我也能够监视诸如构建之类的事情的进展。 – Jason

相关问题

 相关问题