Docker Python API – 标记容器
我正在使用AWS ECR回购的Docker。 他们要求你做的一个步骤是运行“docker标签”来标记一个标签,该标签包含一个“完全合格”的位置,图像将存储在ECR中。
我正在努力将一个脚本迁移到Python API(而不是对docker客户端进行shell调用)。 我无法在https://docker-py.readthedocs.io/en/stable/images.html的API文档中find相应的“docker tag”。
有人能指出我正确的方向吗?
这些是您可以用来构build和标记图像的步骤。
import docker tag = 'latest' # or whatever you want client = docker.from_env() # identifier of the image on your system dockername = "%s:%s" % (<name of the image on your system>, <tag>) # the target identifier target = "%s:%d/%s" % (<registry address>, <registry_port>, <id or name of the image>) # the url is usually unix://var/run/docker.sock' but depends on your environment cli = docker.APIClient(base_url=<the daemon\'s url or socket>) # build the image cli.build(path=..., tag=dockername, pull=..., buildargs=...) # tag it image = client.images.get(dockername) image.tag(target, tag=tag)
对于那些在AWS中使用ECR / ECS的人,下面是一个例子。
Amazon在ECR中提供了这样的说明来推送您的图像:
aws ecr get-login --no-include-email --region us-west-2 docker build -t myproj . docker tag calclab:latest XXXXXXXXXX.dkr.ecr.us-west-2.amazonaws.com/myproj:latest docker push XXXXXXXXXX.dkr.ecr.us-west-2.amazonaws.com/myproj:latest
以下是使用Docker Python API和Boto(AWS的Python库)的大致等价物。 它包括在ECR中标记图像两次,以便跟踪每个图像的版本号,同时跟踪最新的内容(所以我的ECS任务可以在默认情况下始终抓取最新的图像)
import docker import boto3 def ecrDemo(version_number): # The ECR Repository URI repo = XXXXXXXXXX.dkr.ecr.us-west-2.amazonaws.com/myproj # The name of the [profile] stored in .aws/credentials profile = "sandbox" # The region your ECR repo is in region = "us-west-2" # How you want to tag your project locally local_tag = "myproj" #Set up a session session = boto3.Session(profile_name=profile, region_name=region) ecr = session.client('ecr') docker_api = docker.APIClient() print "Building image " + local_tag for line in docker_api.build(path='.', tag=local_tag, stream=True, \ dockerfile='./Dockerfile.myproj'): process_docker_api_line(line) # Make auth call and parse out results auth = ecr.get_authorization_token() token = auth["authorizationData"][0]["authorizationToken"] username, password = b64decode(token).split(':') endpoint = auth["authorizationData"][0]["proxyEndpoint"] # print "Make authentication call" # docker_api.login(username=user, password=password, \ # registry=endpoint, reauth=True) auth_config_payload = {'username': username, 'password': password} version_tag = repo + ':latest' latest_tag = repo + ':' + version_number print "Tagging version " + version_tag if docker_api.tag(local_tag, version_tag) is False: raise RuntimeError("Tag appeared to fail: " + version_tag) print "Tagging latest " + latest_tag if docker_api.tag(local_tag, latest_tag) is False: raise RuntimeError("Tag appeared to fail: " + tag_latest) print "Pushing to repo " + version_tag for line in docker_api.push(version_tag, stream=True, auth_config=auth_config_payload): self.process_docker_api_line(line) print "Pushing to repo " + latest_tag for line in docker_api.push(latest_tag, stream=True, auth_config=auth_config_payload): self.process_docker_api_line(line) print "Removing taged deployment images" # You will still have the local_tag image if you need to troubleshoot docker_api.remove_image(version_tag, force=True) docker_api.remove_image(latest_tag, force=True) def process_docker_api_line(payload): """ Process the output from API stream, throw an Exception if there is an error """ # Sometimes Docker sends to "{}\n" blocks together... for segment in payload.split('\n'): line = segment.strip() if line: try: line_payload = json.loads(line) except ValueError as ex: print "Could not decipher payload from API: " + ex.message if line_payload: if "errorDetail" in line_payload: error = line_payload["errorDetail"] sys.stderr.write(error["message"]) raise RuntimeError("Error on build - code " + `error["code"]`) elif "stream" in line_payload: sys.stdout.write(line_payload["stream"])