go docker API(一)-docker开放远程AIP、链接docker API,镜像操作

1. 准备

1.1 docker开放远程API端口

  • 修改/etc/systemd/system/docker.service文件

注释原来的ExecStart,添加一行新的如下:

#ExecStart=/usr/bin/dockerd
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock

说明:

  • 第一个 -H tcp://0.0.0.0:2375是远程调用
  • 第二个 -H unix:///var/run/docker.sock是本地调用(如果不写本地将不能调用)
  • 重新启动docker
[root@liubei-test ~]# systemctl daemon-reload
[root@liubei-test ~]# systemctl restart docker.service
  • 查看结果
[root@liubei-test ~]# netstat -ntlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
……
tcp6       0      0 :::2375                 :::*                    LISTEN      5632/dockerd
……
>2379这个端口是docker的api端口

1.2 防火墙策略

  • docker API需要对应的安全策略
  • tls策略,如果控制大量虚拟机,没有内部DNS的情况似乎并不好用
    因此建议此时使用防火墙策略:
iptables -P INPUT ACCEPT
iptables -I INPUT -p tcp --dport 2375 -j DROP
iptables -I INPUT -p tcp --dport 2375 -s  10.10.87.18 -j ACCEPT

2. 链接docker

2.1 语法

  • 语法
func NewClientWithOpts(ops ...Opt) (*Client, error)
  • 语法示例
cli, err = client.NewClientWithOpts(client.WithAPIVersionNegotiation(), client.WithHost("tcp://10.10.239.32:2375"))

client.WithAPIVersionNegotiation()如是——协商API版本,如果不添加,可能会报错,比如:

2023/03/14 13:55:53 Error response from daemon: client version 1.42 is too new. Maximum supported API version is 1.40

2.2 常用 ops

  • 协商API版本
client.WithAPIVersionNegotiation()
  • 超时设置
client.WithTimeout(10*time.Second)

如果后边查看实时日志用这个会自动断开

2.3 完整示例

  • 完整代码
package main

import (
	"context"
	"fmt"
	"github.com/docker/docker/api/types"
	"github.com/docker/docker/client"
	"log"
)


func main() {
	cli, err := ConnectDocker()
	if err != nil {
		fmt.Println(err)
	} else {
		fmt.Println("docker API 链接成功")
	}
}

func ConnectDocker() (cli *client.Client, err error) {
	cli, err = client.NewClientWithOpts(client.WithAPIVersionNegotiation(), client.WithHost("tcp://10.10.239.32:2375"))
	if err != nil {
		fmt.Println(err)
		return nil, err
	}

	return cli, nil
}

3. 镜像操作

3.1 获取镜像列表

  • 语法
func (cli *Client) ImageList(ctx context.Context, options ImageListOptions) ([]ImageSummary, error)
  • 语法示例
	ctx := context.Background()
	images, err := cli.ImageList(ctx, types.ImageListOptions{All: true})
  • 完整示例

import (
	"bufio"
	"context"
	"fmt"
	"github.com/docker/docker/api/types"
	"github.com/docker/docker/client"
	"io"
	"log"
	"os"
)

func main() {
	cli, err := ConnectDocker()
	defer cli.Close()
	if err != nil {
		fmt.Println(err)
	} else {
		fmt.Println("docker 链接成功")
	}
	
	err = GetImageList(cli)
	if err != nil {
		fmt.Println(err)
	}
}

// ConnectDocker
// 链接docker
func ConnectDocker() (cli *client.Client, err error) {
	cli, err = client.NewClientWithOpts(client.WithAPIVersionNegotiation(), client.WithHost("tcp://10.10.239.32:2375"))
	if err != nil {
		fmt.Println(err)
		return nil, err
	}

	return cli, nil
}

// GetImageList
// 获取镜像列表
func GetImageList(cli *client.Client) error {
	ctx := context.Background()
	images, err := cli.ImageList(ctx, types.ImageListOptions{All: true})
	if err != nil {
		return err
	}
	//打印结果
	for _, image := range images {
		fmt.Printf("================\n%q %q\n", image.RepoTags, image.ID)
	}
	return nil
}

  • 结果输出
docker 链接成功
================
["harbocto.xxx.com.cn/crow/crow-qin:latest"] "sha256:04f135a90290c42b8cf9b52395c04753b4d9ed48ddae7c714a0eccdf8acd9682"
================
[] "sha256:b8f6736f7d1cee3e993bf0ba2a308fb747ed25dbd98fa2a2aba23b726cd8311b"
================
……

3.2 获取指定镜像信息

  • 语法
func (cli *Client) ImageInspectWithRaw(ctx context.Context, imageID string) (ImageInspect, []byte, error)
  • 语法示例
imageInfo,imageInfoByte, err = cli.ImageInspectWithRaw(ctx, imageID)
  • 完整示例
package main

import (
	"context"
	"fmt"
	"github.com/docker/docker/api/types"
	"github.com/docker/docker/client"
)

func main() {
	cli, err := ConnectDocker()
	if err != nil {
		fmt.Println(err)
	} else {
		fmt.Println("docker 链接成功")
	}
	imageId := "04f135a90290"
	imageInfo, err := GetImage(cli, imageId)
	if err != nil {
		fmt.Println(err)
		return
	}

	fmt.Printf("查询到镜像 %q", imageInfo.RepoTags)
}

func GetImage(cli *client.Client, imageID string) (imageInfo types.ImageInspect, err error) {
	ctx := context.Background()
	imageInfo, _, err = cli.ImageInspectWithRaw(ctx, imageID)
	if err != nil {
		return imageInfo, err
	}
	return imageInfo, nil
}
  • 结果显示
docker 链接成功
查询到镜像 ["harbocto.xxx.com.cn/crow-test/crow-qin:latest" "harbocto.xxx.com.cn/crow/crow-qin:latest"]

结果可见,改id的镜像有两个RepoTag

3.3 镜像拉取

  • 语法
func (cli *Client) ImagePull(ctx context.Context, refStr string, options ImagePullOptions) (io.ReadCloser, error)
  • 语法示例
	ctx := context.Background()
	reader, err := Cli.ImagePull(ctx, imageName, types.ImagePullOptions{})
  • 完整示例
package main

import (
	"context"
	"fmt"
	"github.com/docker/docker/api/types"
	"github.com/docker/docker/client"
	"io"
	"os"
)

var Cli *client.Client

func main() {
	cli, err := ConnectDocker()
	if err != nil {
		fmt.Println(err)
	} else {
		fmt.Println("docker 链接成功")
	}
	//GetContainers()
	err = PullImage(cli, "harbocto.xxx.com.cn/public/redis:6.2.6")
	if err != nil {
		fmt.Println(err)
	}
}

// ConnectDocker
// 链接docker
func ConnectDocker() (cli *client.Client, err error) {
	cli, err = client.NewClientWithOpts(client.WithAPIVersionNegotiation(), client.WithHost("tcp://10.10.239.32:2375"))
	if err != nil {
		fmt.Println(err)
		return nil, err
	}

	return cli, nil
}

// PullImage
// 拉取指定镜像
func PullImage(cli *client.Client, imageName string) error {
	ctx := context.Background()

	reader, err := cli.ImagePull(ctx, imageName, types.ImagePullOptions{})
	if err != nil {
		fmt.Println(err)
	}

	_, err = io.Copy(os.Stdout, reader)
	if err != nil {
		return err
	}

	return nil
}

输出

docker 链接成功
{"status":"Pulling from public/redis","id":"6.2.6"}
{"status":"Pulling fs layer","progressDetail":{},"id":"a2abf6c4d29d"}
{"status":"Pulling fs layer","progressDetail":{},"id":"c7a4e4382001"}
……
{"status":"Extracting","progressDetail":{"current":409,"total":409},"progress":"[==================================================\u003e]     409B/409B","id":"1abfd3011519"}
{"status":"Pull complete","progressDetail":{},"id":"1abfd3011519"}
{"status":"Digest: sha256:563888f63149e3959860264a1202ef9a644f44ed6c24d5c7392f9e2262bd3553"}
{"status":"Status: Downloaded newer image for harbocto.boe.com.cn/public/redis:6.2.6"}
镜像拉取成功

3.4 拉取私有仓库镜像

  • 语法
    同镜像拉取,添加RegistryAuth参数
  • 语法示例
out, err := cli.ImagePull(ctx, imageName, types.ImagePullOptions{RegistryAuth: authStr})
  • 完整示例
package main

import (
	"context"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"github.com/docker/docker/api/types"
	"github.com/docker/docker/client"
	"io"
	"os"
)

func main() {
	cli, err := ConnectDocker()
	if err != nil {
		fmt.Println(err)
	} else {
		fmt.Println("docker 链接成功")
	}

	err = PullPrivateImage(cli, "harbocto.boe.com.cn/crow-test/crow-qin")
	if err != nil {
		fmt.Println(err)
	}
	//, "48bcf68112"
}

// PullPrivateImage
// 拉取私有仓库的镜像
func PullPrivateImage(cli *client.Client, imageName string) error {
	ctx := context.Background()
	authConf := types.AuthConfig{
		Username: "10264953",
		Password: "30gmcyt8Kllyhy",
	}
	encodeJson, _ := json.Marshal(authConf)
	authStr := base64.StdEncoding.EncodeToString(encodeJson)
	out, err := cli.ImagePull(ctx, imageName, types.ImagePullOptions{RegistryAuth: authStr})
	if err != nil {
		fmt.Println(err)
		return err
	}
	defer out.Close()
	_, err = io.Copy(os.Stdout, out)
	if err != nil {
		return err
	}

	return nil
}

3.5 修改 REPOSITORY:TAG

  • 语法
func (cli *Client) ImageTag(ctx context.Context, source string, target string) error
  • 语法示例
	ctx := context.Background()
    err := cli.ImageTag(ctx, "harbocto.boe.com.cn/crow/crow-qin", "harbocto.boe.com.cn/public/crow-qin:0323")
  • 完整示例
package main

import (
	"context"
	"fmt"
	"github.com/docker/docker/client"
)

func main() {
	cli, err := ConnectDocker()
	if err != nil {
		fmt.Println(err)
	} else {
		fmt.Println("docker 链接成功")
	}

	err = AddNewTag(cli, "harbocto.boe.com.cn/crow/crow-qin", "harbocto.boe.com.cn/public/crow-qin:0323")
	if err != nil {
		fmt.Println(err)
		return
	}
	fmt.Println("REPOSITORY:TAG 添加成功")
}

func AddNewTag(cli *client.Client, sourceImageName string, newImageName string) error {
	ctx := context.Background()
	err := cli.ImageTag(ctx, sourceImageName, newImageName)
	if err != nil {
		return err
	}
	return nil
}
  • 输出
docker 链接成功
REPOSITORY:TAG 添加成功

3.6 删除镜像

  • 语法
func (cli *Client) ImageRemove(ctx context.Context, imageID string, options ImageRemoveOptions) ([]ImageDeleteResponseItem, error)
  • 语法示例
	ctx := context.Background()
	imageDeleteResponseItems, err = cli.ImageRemove(ctx, imageId, types.ImageRemoveOptions{Force: true})
  • 完整示例
package main

import (
	"context"
	"fmt"
	"github.com/docker/docker/api/types"
	"github.com/docker/docker/client"
)

func main() {
	cli, err := ConnectDocker()
	if err != nil {
		fmt.Println(err)
	} else {
		fmt.Println("docker 链接成功")
	}

	imageDeleteResponseItems, err := DeleteImage(cli, "04f135a90290")
	if err != nil {
		fmt.Println(err)
		return
	}
	fmt.Println("==== 被删除的 REPOSITORY:TAG ====\n", imageDeleteResponseItems)
}

func DeleteImage(cli *client.Client, imageId string) (imageDeleteResponseItems []types.ImageDeleteResponseItem, err error) {
	ctx := context.Background()
	imageDeleteResponseItems, err = cli.ImageRemove(ctx, imageId, types.ImageRemoveOptions{Force: true})
	if err != nil {
		fmt.Println(err)
		return imageDeleteResponseItems, err
	}
	return imageDeleteResponseItems, nil
}

输出

docker 链接成功
==== 被删除的 REPOSITORY:TAG ====
 [{ harbocto.boe.com.cn/crow-test/crow-qin:latest} { harbocto.boe.com.cn/crow-test/crow-qin@sha256:5891ae5e691914196af46e869a6cba45c6e53266b4110b85c5c37385cc3b6b84} { harbocto.boe.com.cn/crow/crow-qin:latest} { harbocto.boe
.com.cn/crow/crow-qin@sha256:5891ae5e691914196af46e869a6cba45c6e53266b4110b85c5c37385cc3b6b84} { harbocto.boe.com.cn/public/crow-qin:0323} { harbocto.boe.com.cn/public/crow-qin:latest} {sha256:04f135a90290c42b8cf9b52395c047
53b4d9ed48ddae7c714a0eccdf8acd9682 } {sha256:b823e639a7311f26a530dad46f8ac237412fb28455213bd10f1167920e3afcd4 } {sha256:28b4ee770c69121697cce33f6c52990920c3023b4cc2cf14711e2e489ea5259f } {sha256:42197fd514211b6e3d9f10f9afcd
4ad95620371f22f16656fd671e446c3e3a1e } {sha256:89ae5c4ee501a09c879f5b58474003539ab3bb978a553af2a4a6a7de248b5740 }]

在这里插入图片描述

posted on 2023-03-30 22:06  运维开发玄德公  阅读(549)  评论(0编辑  收藏  举报  来源

导航