go docker API（一）-docker开放远程AIP、链接docker API，镜像操作

合集 - 【应用卷】----------------------------(9)

1.go调用docker远程API（二）-docker API 的容器操作2023-04-03

2.go docker API（一）-docker开放远程AIP、链接docker API，镜像操作2023-03-30

3.01-链接k8s集群、node节点操作2022-10-144.02-Namespace操作2022-10-185.03-Deployment操作2022-10-226.04-Deployment挂载configmap、pvc、host path2023-05-057.04-Service操作2022-10-268.05-ConfigMap操作2022-10-279.06-PVC操作2023-05-23

收起

文章目录

• 1. 准备
• • 1.1 docker开放远程API端口
  • 1.2 防火墙策略
• 2. 链接docker
• • 2.1 语法
  • 2.2 常用 ops
  • 2.3 完整示例
• 3. 镜像操作
• • 3.1 获取镜像列表
  • 3.2 获取指定镜像信息
  • 3.3 镜像拉取
  • 3.4 拉取私有仓库镜像
  • 3.5 修改 REPOSITORY:TAG
  • 3.6 删除镜像

1. 准备

1.1 docker开放远程API端口

• 修改/etc/systemd/system/docker.service文件

注释原来的ExecStart，添加一行新的如下：

#ExecStart=/usr/bin/dockerd
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock

说明：

• 第一个 -H tcp://0.0.0.0:2375是远程调用
• 第二个 -H unix:///var/run/docker.sock是本地调用（如果不写本地将不能调用）

• 重新启动docker

[root@liubei-test ~]# systemctl daemon-reload
[root@liubei-test ~]# systemctl restart docker.service

• 查看结果

[root@liubei-test ~]# netstat -ntlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
……
tcp6       0      0 :::2375                 :::*                    LISTEN      5632/dockerd
……
>2379这个端口是docker的api端口

1.2 防火墙策略

• docker API需要对应的安全策略
• tls策略，如果控制大量虚拟机，没有内部DNS的情况似乎并不好用
  因此建议此时使用防火墙策略：

iptables -P INPUT ACCEPT
iptables -I INPUT -p tcp --dport 2375 -j DROP
iptables -I INPUT -p tcp --dport 2375 -s  10.10.87.18 -j ACCEPT

2. 链接docker

2.1 语法

• 语法

func NewClientWithOpts(ops ...Opt) (*Client, error)

• 语法示例

cli, err = client.NewClientWithOpts(client.WithAPIVersionNegotiation(), client.WithHost("tcp://10.10.239.32:2375"))

client.WithAPIVersionNegotiation()如是——协商API版本，如果不添加，可能会报错，比如：

2023/03/14 13:55:53 Error response from daemon: client version 1.42 is too new. Maximum supported API version is 1.40

2.2 常用 ops

• 协商API版本

client.WithAPIVersionNegotiation()

• 超时设置

client.WithTimeout(10*time.Second)

如果后边查看实时日志用这个会自动断开

2.3 完整示例

• 完整代码

package main
 
import (
	"context"
	"fmt"
	"github.com/docker/docker/api/types"
	"github.com/docker/docker/client"
	"log"
)
 
 
func main() {
	cli, err := ConnectDocker()
	if err != nil {
		fmt.Println(err)
	} else {
		fmt.Println("docker API 链接成功")
	}
}
 
func ConnectDocker() (cli *client.Client, err error) {
	cli, err = client.NewClientWithOpts(client.WithAPIVersionNegotiation(), client.WithHost("tcp://10.10.239.32:2375"))
	if err != nil {
		fmt.Println(err)
		return nil, err
	}
 
	return cli, nil
}
 

3. 镜像操作

3.1 获取镜像列表

• 语法

func (cli *Client) ImageList(ctx context.Context, options ImageListOptions) ([]ImageSummary, error)

• 语法示例

	ctx := context.Background()
	images, err := cli.ImageList(ctx, types.ImageListOptions{All: true})

• 完整示例

 
import (
	"bufio"
	"context"
	"fmt"
	"github.com/docker/docker/api/types"
	"github.com/docker/docker/client"
	"io"
	"log"
	"os"
)
 
func main() {
	cli, err := ConnectDocker()
	defer cli.Close()
	if err != nil {
		fmt.Println(err)
	} else {
		fmt.Println("docker 链接成功")
	}
	
	err = GetImageList(cli)
	if err != nil {
		fmt.Println(err)
	}
}
 
// ConnectDocker
// 链接docker
func ConnectDocker() (cli *client.Client, err error) {
	cli, err = client.NewClientWithOpts(client.WithAPIVersionNegotiation(), client.WithHost("tcp://10.10.239.32:2375"))
	if err != nil {
		fmt.Println(err)
		return nil, err
	}
 
	return cli, nil
}
 
// GetImageList
// 获取镜像列表
func GetImageList(cli *client.Client) error {
	ctx := context.Background()
	images, err := cli.ImageList(ctx, types.ImageListOptions{All: true})
	if err != nil {
		return err
	}
	//打印结果
	for _, image := range images {
		fmt.Printf("================\n%q %q\n", image.RepoTags, image.ID)
	}
	return nil
}
 

• 结果输出

docker 链接成功
================
["harbocto.xxx.com.cn/crow/crow-qin:latest"] "sha256:04f135a90290c42b8cf9b52395c04753b4d9ed48ddae7c714a0eccdf8acd9682"
================
[] "sha256:b8f6736f7d1cee3e993bf0ba2a308fb747ed25dbd98fa2a2aba23b726cd8311b"
================
……

3.2 获取指定镜像信息

• 语法

func (cli *Client) ImageInspectWithRaw(ctx context.Context, imageID string) (ImageInspect, []byte, error)

• 语法示例

imageInfo,imageInfoByte, err = cli.ImageInspectWithRaw(ctx, imageID)

• 完整示例

package main
 
import (
	"context"
	"fmt"
	"github.com/docker/docker/api/types"
	"github.com/docker/docker/client"
)
 
func main() {
	cli, err := ConnectDocker()
	if err != nil {
		fmt.Println(err)
	} else {
		fmt.Println("docker 链接成功")
	}
	imageId := "04f135a90290"
	imageInfo, err := GetImage(cli, imageId)
	if err != nil {
		fmt.Println(err)
		return
	}
 
	fmt.Printf("查询到镜像 %q", imageInfo.RepoTags)
}
 
func GetImage(cli *client.Client, imageID string) (imageInfo types.ImageInspect, err error) {
	ctx := context.Background()
	imageInfo, _, err = cli.ImageInspectWithRaw(ctx, imageID)
	if err != nil {
		return imageInfo, err
	}
	return imageInfo, nil
}

• 结果显示

docker 链接成功
查询到镜像 ["harbocto.xxx.com.cn/crow-test/crow-qin:latest" "harbocto.xxx.com.cn/crow/crow-qin:latest"]

结果可见，改id的镜像有两个RepoTag

3.3 镜像拉取

• 语法

func (cli *Client) ImagePull(ctx context.Context, refStr string, options ImagePullOptions) (io.ReadCloser, error)

• 语法示例

	ctx := context.Background()
	reader, err := Cli.ImagePull(ctx, imageName, types.ImagePullOptions{})

• 完整示例

package main
 
import (
	"context"
	"fmt"
	"github.com/docker/docker/api/types"
	"github.com/docker/docker/client"
	"io"
	"os"
)
 
var Cli *client.Client
 
func main() {
	cli, err := ConnectDocker()
	if err != nil {
		fmt.Println(err)
	} else {
		fmt.Println("docker 链接成功")
	}
	//GetContainers()
	err = PullImage(cli, "harbocto.xxx.com.cn/public/redis:6.2.6")
	if err != nil {
		fmt.Println(err)
	}
}
 
// ConnectDocker
// 链接docker
func ConnectDocker() (cli *client.Client, err error) {
	cli, err = client.NewClientWithOpts(client.WithAPIVersionNegotiation(), client.WithHost("tcp://10.10.239.32:2375"))
	if err != nil {
		fmt.Println(err)
		return nil, err
	}
 
	return cli, nil
}
 
// PullImage
// 拉取指定镜像
func PullImage(cli *client.Client, imageName string) error {
	ctx := context.Background()
 
	reader, err := cli.ImagePull(ctx, imageName, types.ImagePullOptions{})
	if err != nil {
		fmt.Println(err)
	}
 
	_, err = io.Copy(os.Stdout, reader)
	if err != nil {
		return err
	}
 
	return nil
}

输出

docker 链接成功
{"status":"Pulling from public/redis","id":"6.2.6"}
{"status":"Pulling fs layer","progressDetail":{},"id":"a2abf6c4d29d"}
{"status":"Pulling fs layer","progressDetail":{},"id":"c7a4e4382001"}
……
{"status":"Extracting","progressDetail":{"current":409,"total":409},"progress":"[==================================================\u003e]     409B/409B","id":"1abfd3011519"}
{"status":"Pull complete","progressDetail":{},"id":"1abfd3011519"}
{"status":"Digest: sha256:563888f63149e3959860264a1202ef9a644f44ed6c24d5c7392f9e2262bd3553"}
{"status":"Status: Downloaded newer image for harbocto.boe.com.cn/public/redis:6.2.6"}
镜像拉取成功

3.4 拉取私有仓库镜像

• 语法
  同镜像拉取，添加RegistryAuth参数
• 语法示例

out, err := cli.ImagePull(ctx, imageName, types.ImagePullOptions{RegistryAuth: authStr})

• 完整示例

package main
 
import (
	"context"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"github.com/docker/docker/api/types"
	"github.com/docker/docker/client"
	"io"
	"os"
)
 
func main() {
	cli, err := ConnectDocker()
	if err != nil {
		fmt.Println(err)
	} else {
		fmt.Println("docker 链接成功")
	}
 
	err = PullPrivateImage(cli, "harbocto.boe.com.cn/crow-test/crow-qin")
	if err != nil {
		fmt.Println(err)
	}
	//, "48bcf68112"
}
 
// PullPrivateImage
// 拉取私有仓库的镜像
func PullPrivateImage(cli *client.Client, imageName string) error {
	ctx := context.Background()
	authConf := types.AuthConfig{
		Username: "10264953",
		Password: "30gmcyt8Kllyhy",
	}
	encodeJson, _ := json.Marshal(authConf)
	authStr := base64.StdEncoding.EncodeToString(encodeJson)
	out, err := cli.ImagePull(ctx, imageName, types.ImagePullOptions{RegistryAuth: authStr})
	if err != nil {
		fmt.Println(err)
		return err
	}
	defer out.Close()
	_, err = io.Copy(os.Stdout, out)
	if err != nil {
		return err
	}
 
	return nil
}

3.5 修改 REPOSITORY:TAG

• 语法

func (cli *Client) ImageTag(ctx context.Context, source string, target string) error

• 语法示例

	ctx := context.Background()
    err := cli.ImageTag(ctx, "harbocto.boe.com.cn/crow/crow-qin", "harbocto.boe.com.cn/public/crow-qin:0323")

• 完整示例

package main
 
import (
	"context"
	"fmt"
	"github.com/docker/docker/client"
)
 
func main() {
	cli, err := ConnectDocker()
	if err != nil {
		fmt.Println(err)
	} else {
		fmt.Println("docker 链接成功")
	}
 
	err = AddNewTag(cli, "harbocto.boe.com.cn/crow/crow-qin", "harbocto.boe.com.cn/public/crow-qin:0323")
	if err != nil {
		fmt.Println(err)
		return
	}
	fmt.Println("REPOSITORY:TAG 添加成功")
}
 
func AddNewTag(cli *client.Client, sourceImageName string, newImageName string) error {
	ctx := context.Background()
	err := cli.ImageTag(ctx, sourceImageName, newImageName)
	if err != nil {
		return err
	}
	return nil
}

• 输出

docker 链接成功
REPOSITORY:TAG 添加成功

3.6 删除镜像

• 语法

func (cli *Client) ImageRemove(ctx context.Context, imageID string, options ImageRemoveOptions) ([]ImageDeleteResponseItem, error)

• 语法示例

	ctx := context.Background()
	imageDeleteResponseItems, err = cli.ImageRemove(ctx, imageId, types.ImageRemoveOptions{Force: true})

• 完整示例

package main
 
import (
	"context"
	"fmt"
	"github.com/docker/docker/api/types"
	"github.com/docker/docker/client"
)
 
func main() {
	cli, err := ConnectDocker()
	if err != nil {
		fmt.Println(err)
	} else {
		fmt.Println("docker 链接成功")
	}
 
	imageDeleteResponseItems, err := DeleteImage(cli, "04f135a90290")
	if err != nil {
		fmt.Println(err)
		return
	}
	fmt.Println("==== 被删除的 REPOSITORY:TAG ====\n", imageDeleteResponseItems)
}
 
func DeleteImage(cli *client.Client, imageId string) (imageDeleteResponseItems []types.ImageDeleteResponseItem, err error) {
	ctx := context.Background()
	imageDeleteResponseItems, err = cli.ImageRemove(ctx, imageId, types.ImageRemoveOptions{Force: true})
	if err != nil {
		fmt.Println(err)
		return imageDeleteResponseItems, err
	}
	return imageDeleteResponseItems, nil
}

输出

docker 链接成功
==== 被删除的 REPOSITORY:TAG ====
 [{ harbocto.boe.com.cn/crow-test/crow-qin:latest} { harbocto.boe.com.cn/crow-test/crow-qin@sha256:5891ae5e691914196af46e869a6cba45c6e53266b4110b85c5c37385cc3b6b84} { harbocto.boe.com.cn/crow/crow-qin:latest} { harbocto.boe
.com.cn/crow/crow-qin@sha256:5891ae5e691914196af46e869a6cba45c6e53266b4110b85c5c37385cc3b6b84} { harbocto.boe.com.cn/public/crow-qin:0323} { harbocto.boe.com.cn/public/crow-qin:latest} {sha256:04f135a90290c42b8cf9b52395c047
53b4d9ed48ddae7c714a0eccdf8acd9682 } {sha256:b823e639a7311f26a530dad46f8ac237412fb28455213bd10f1167920e3afcd4 } {sha256:28b4ee770c69121697cce33f6c52990920c3023b4cc2cf14711e2e489ea5259f } {sha256:42197fd514211b6e3d9f10f9afcd
4ad95620371f22f16656fd671e446c3e3a1e } {sha256:89ae5c4ee501a09c879f5b58474003539ab3bb978a553af2a4a6a7de248b5740 }]

---