Browse Source
Add manage-offline-container-images.sh (#7024)
Add manage-offline-container-images.sh (#7024)
One challenge of offline deployment was how to collect necessary container images as a preparation. This adds a script to solve it.pull/7108/head
Kenichi Omichi
3 years ago
committed by
GitHub
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 180 additions and 0 deletions
Split View
Diff Options
-
21contrib/offline/README.md
-
1contrib/offline/docker-daemon.json
-
150contrib/offline/manage-offline-container-images.sh
-
8contrib/offline/registries.conf
@ -0,0 +1,21 @@ |
|||
# Container image collecting script for offline deployment |
|||
|
|||
This script has two features: |
|||
(1) Get container images from an environment which is deployed online. |
|||
(2) Deploy local container registry and register the container images to the registry. |
|||
|
|||
Step(1) should be done online site as a preparation, then we bring the gotten images |
|||
to the target offline environment. |
|||
Then we will run step(2) for registering the images to local registry. |
|||
|
|||
Step(1) can be operated with: |
|||
|
|||
```shell |
|||
$ ./manage-offline-container-images.sh create |
|||
``` |
|||
|
|||
Step(2) can be operated with: |
|||
|
|||
```shell |
|||
$ ./manage-offline-container-images.sh register |
|||
``` |
|||
@ -0,0 +1 @@ |
|||
{ "insecure-registries":["HOSTNAME:5000"] } |
|||
@ -0,0 +1,150 @@ |
|||
#!/bin/bash |
|||
|
|||
OPTION=$1 |
|||
CURRENT_DIR=$(cd $(dirname $0); pwd) |
|||
TEMP_DIR="${CURRENT_DIR}/temp" |
|||
|
|||
IMAGE_TAR_FILE="${CURRENT_DIR}/container-images.tar.gz" |
|||
IMAGE_DIR="${CURRENT_DIR}/container-images" |
|||
IMAGE_LIST="${IMAGE_DIR}/container-images.txt" |
|||
RETRY_COUNT=5 |
|||
|
|||
function create_container_image_tar() { |
|||
set -e |
|||
|
|||
IMAGES=$(kubectl describe pods --all-namespaces | grep " Image:" | awk '{print $2}' | sort | uniq) |
|||
# NOTE: etcd and pause cannot be seen as pods. |
|||
# The pause image is used for --pod-infra-container-image option of kubelet. |
|||
EXT_IMAGES=$(kubectl cluster-info dump | egrep "quay.io/coreos/etcd:|k8s.gcr.io/pause:" | sed s@\"@@g) |
|||
IMAGES="${IMAGES} ${EXT_IMAGES}" |
|||
|
|||
rm -f ${IMAGE_TAR_FILE} |
|||
rm -rf ${IMAGE_DIR} |
|||
mkdir ${IMAGE_DIR} |
|||
cd ${IMAGE_DIR} |
|||
|
|||
sudo docker pull registry:latest |
|||
sudo docker save -o registry-latest.tar registry:latest |
|||
|
|||
for image in ${IMAGES} |
|||
do |
|||
FILE_NAME="$(echo ${image} | sed s@"/"@"-"@g | sed s/":"/"-"/g)".tar |
|||
set +e |
|||
for step in $(seq 1 ${RETRY_COUNT}) |
|||
do |
|||
sudo docker pull ${image} |
|||
if [ $? -eq 0 ]; then |
|||
break |
|||
fi |
|||
echo "Failed to pull ${image} at step ${step}" |
|||
if [ ${step} -eq ${RETRY_COUNT} ]; then |
|||
exit 1 |
|||
fi |
|||
done |
|||
set -e |
|||
sudo docker save -o ${FILE_NAME} ${image} |
|||
|
|||
# NOTE: Here removes the following repo parts from each image |
|||
# so that these parts will be replaced with Kubespray. |
|||
# - kube_image_repo: "k8s.gcr.io" |
|||
# - gcr_image_repo: "gcr.io" |
|||
# - docker_image_repo: "docker.io" |
|||
# - quay_image_repo: "quay.io" |
|||
FIRST_PART=$(echo ${image} | awk -F"/" '{print $1}') |
|||
if [ "${FIRST_PART}" = "k8s.gcr.io" ] || |
|||
[ "${FIRST_PART}" = "gcr.io" ] || |
|||
[ "${FIRST_PART}" = "docker.io" ] || |
|||
[ "${FIRST_PART}" = "quay.io" ]; then |
|||
image=$(echo ${image} | sed s@"${FIRST_PART}/"@@) |
|||
fi |
|||
echo "${FILE_NAME} ${image}" >> ${IMAGE_LIST} |
|||
done |
|||
|
|||
cd .. |
|||
sudo chown ${USER} ${IMAGE_DIR}/* |
|||
tar -zcvf ${IMAGE_TAR_FILE} ./container-images |
|||
rm -rf ${IMAGE_DIR} |
|||
|
|||
echo "" |
|||
echo "${IMAGE_TAR_FILE} is created to contain your container images." |
|||
echo "Please keep this file and bring it to your offline environment." |
|||
} |
|||
|
|||
function register_container_images() { |
|||
if [ ! -f ${IMAGE_TAR_FILE} ]; then |
|||
echo "${IMAGE_TAR_FILE} should exist." |
|||
exit 1 |
|||
fi |
|||
if [ ! -d ${TEMP_DIR} ]; then |
|||
mkdir ${TEMP_DIR} |
|||
fi |
|||
|
|||
# To avoid "http: server gave http response to https client" error. |
|||
LOCALHOST_NAME=$(hostname) |
|||
if [ -d /etc/docker/ ]; then |
|||
set -e |
|||
# Ubuntu18.04, RHEL7/CentOS7 |
|||
cp ${CURRENT_DIR}/docker-daemon.json ${TEMP_DIR}/docker-daemon.json |
|||
sed -i s@"HOSTNAME"@"${LOCALHOST_NAME}"@ ${TEMP_DIR}/docker-daemon.json |
|||
sudo cp ${TEMP_DIR}/docker-daemon.json /etc/docker/daemon.json |
|||
elif [ -d /etc/containers/ ]; then |
|||
set -e |
|||
# RHEL8/CentOS8 |
|||
cp ${CURRENT_DIR}/registries.conf ${TEMP_DIR}/registries.conf |
|||
sed -i s@"HOSTNAME"@"${LOCALHOST_NAME}"@ ${TEMP_DIR}/registries.conf |
|||
sudo cp ${TEMP_DIR}/registries.conf /etc/containers/registries.conf |
|||
else |
|||
echo "docker package(docker-ce, etc.) should be installed" |
|||
exit 1 |
|||
fi |
|||
|
|||
tar -zxvf ${IMAGE_TAR_FILE} |
|||
sudo docker load -i ${IMAGE_DIR}/registry-latest.tar |
|||
sudo docker run --restart=always -d -p 5000:5000 --name registry registry:latest |
|||
set +e |
|||
|
|||
set -e |
|||
while read -r line; do |
|||
file_name=$(echo ${line} | awk '{print $1}') |
|||
org_image=$(echo ${line} | awk '{print $2}') |
|||
new_image="${LOCALHOST_NAME}:5000/${org_image}" |
|||
image_id=$(tar -tf ${IMAGE_DIR}/${file_name} | grep "\.json" | grep -v manifest.json | sed s/"\.json"//) |
|||
sudo docker load -i ${IMAGE_DIR}/${file_name} |
|||
sudo docker tag ${image_id} ${new_image} |
|||
sudo docker push ${new_image} |
|||
done <<< "$(cat ${IMAGE_LIST})" |
|||
|
|||
echo "Succeeded to register container images to local registry." |
|||
echo "Please specify ${LOCALHOST_NAME}:5000 for the following options in your inventry:" |
|||
echo "- kube_image_repo" |
|||
echo "- gcr_image_repo" |
|||
echo "- docker_image_repo" |
|||
echo "- quay_image_repo" |
|||
} |
|||
|
|||
if [ "${OPTION}" == "create" ]; then |
|||
create_container_image_tar |
|||
elif [ "${OPTION}" == "register" ]; then |
|||
register_container_images |
|||
else |
|||
echo "This script has two features:" |
|||
echo "(1) Get container images from an environment which is deployed online." |
|||
echo "(2) Deploy local container registry and register the container images to the registry." |
|||
echo "" |
|||
echo "Step(1) should be done online site as a preparation, then we bring" |
|||
echo "the gotten images to the target offline environment." |
|||
echo "Then we will run step(2) for registering the images to local registry." |
|||
echo "" |
|||
echo "${IMAGE_TAR_FILE} is created to contain your container images." |
|||
echo "Please keep this file and bring it to your offline environment." |
|||
echo "" |
|||
echo "Step(1) can be operated with:" |
|||
echo " $ ./manage-offline-container-images.sh create" |
|||
echo "" |
|||
echo "Step(2) can be operated with:" |
|||
echo " $ ./manage-offline-container-images.sh register" |
|||
echo "" |
|||
echo "Please specify 'create' or 'register'." |
|||
echo "" |
|||
exit 1 |
|||
fi |
|||
@ -0,0 +1,8 @@ |
|||
[registries.search] |
|||
registries = ['registry.access.redhat.com', 'registry.redhat.io', 'docker.io'] |
|||
|
|||
[registries.insecure] |
|||
registries = ['HOSTNAME:5000'] |
|||
|
|||
[registries.block] |
|||
registries = [] |
|||
Write
Preview
Loading…
Cancel
Save