java通过k8s和harbor仓库上传下发镜像
harbor
Harbor 是一个开源的容器镜像仓库,用于存储和管理 Docker 镜像和其他容器镜像。 * 容器镜像仓库、存储和管理 Docker 镜像和其他容器镜像 * 有什么特点:支持多种镜像格式、易于使用、安全性和访问控制
项目地址:https://gitcode.com/gh_mirrors/ha/harbor
免费下载资源
·
java上传下发镜像
搭建K8S集群
https://blog.csdn.net/yy8623977/article/details/124685772
搭建harbor仓库
备注:使用https访问
https://www.pudn.com/news/6332c348272bb74d44061fdc.html
配置k8s从harbor私有仓库拉取镜像权限
https://blog.csdn.net/zhangfeng5909/article/details/90314884
docker使用https访问harbor仓库
将证书的.cert(即crt或cer,需要将后缀改为cert),.key文件放入docker一下目录(需要自己创建)
/etc/docker/certs.d/harborIP/
重启docker
systemctl daemon-reload
systemctl restart docker
java集成k8s的sdk
<!-- k8s的javaSDK -->
<dependency>
<groupId>io.kubernetes</groupId>
<artifactId>client-java</artifactId>
<version>14.0.0</version>
</dependency>
@Slf4j
@Configuration
public class ApiClientInit {
@PostConstruct
public void setDefaultApiClient() throws Exception {
io.kubernetes.client.openapi.Configuration
.setDefaultApiClient(
Config.fromConfig(
new ClassPathResource("config")
.getInputStream()));
}
@Bean
public CoreV1Api coreV1Api(){
return new CoreV1Api();
}
@Bean
public AppsV1Api appsV1Api(){
return new AppsV1Api();
}
}
将k8s配置文件引入到项目里
/etc/kubernetes/admin.conf
java集成docker的sdk
备注:使用https访问
https://zhuanlan.zhihu.com/p/424941132
<!--java操作docker -->
<dependency>
<groupId>com.github.docker-java</groupId>
<artifactId>docker-java</artifactId>
<version>3.2.13</version>
</dependency>
<!-- https://mvnrepository.com/artifact/com.spotify/docker-client -->
<dependency>
<groupId>com.spotify</groupId>
<artifactId>docker-client</artifactId>
<version>8.16.0</version>
</dependency>
import com.github.dockerjava.api.DockerClient;
import com.github.dockerjava.core.DefaultDockerClientConfig;
import com.github.dockerjava.core.DockerClientConfig;
import com.github.dockerjava.core.DockerClientImpl;
import com.github.dockerjava.httpclient5.ApacheDockerHttpClient;
import com.github.dockerjava.transport.DockerHttpClient;
import com.spotify.docker.client.DefaultDockerClient;
import com.spotify.docker.client.DockerCertificates;
import com.spotify.docker.client.exceptions.DockerCertificateException;
import org.springframework.context.annotation.Bean;
import org.springframework.stereotype.Component;
import java.net.URI;
import java.nio.file.Paths;
import java.time.Duration;
@Component
public class DockerClientInit {
@Bean("dockerClient")
public DockerClient dockerClient() {
//创建DefaultDockerClientConfig
// 进行安全认证
DockerClientConfig config = DefaultDockerClientConfig.createDefaultConfigBuilder()
// 服务器ip
.withDockerHost("tcp://dockerip:2375")
.withApiVersion("1.12")
.withDockerTlsVerify(true)
.withDockerCertPath("D:/home")
.withRegistryUrl("harborip")
.withRegistryUsername("admin")
.withRegistryPassword("Harbor12345")
.build();
//创建DockerHttpClient
DockerHttpClient httpClient = new ApacheDockerHttpClient.Builder()
.dockerHost(config.getDockerHost())
.sslConfig(config.getSSLConfig())
.maxConnections(100)
.connectionTimeout(Duration.ofSeconds(30))
.responseTimeout(Duration.ofSeconds(45))
.build();
return DockerClientImpl.getInstance(config, httpClient);
}
@Bean("client")
public com.spotify.docker.client.DockerClient client() throws DockerCertificateException {
return DefaultDockerClient.builder()
.uri(URI.create("https://dockerip:2375"))
.dockerCertificates(new DockerCertificates(Paths.get("D:/home")))
.build();
}
}
上传镜像到harbor仓库
备注:若完全使用此代码,file文件名需为xxx.tar,harbor需要创建zsl项目,harborip改为自己的ip,否则可能出错。我这里上传的是nginx.tar,下面下发也用的是nginx.tar,上传的镜像不同的话,下面下发镜像时也需要修改image拉取路径
@Override
public void uploadImage(MultipartFile file) throws IOException {
InputStream inputStream = file.getInputStream();
String fileName = file.getOriginalFilename();
uploadHarbor(inputStream,fileName);
}
private void uploadHarbor(InputStream inputStream , String fileName) {
log.info("上传文件名称:" + fileName);
try {
Set<String> imageSet = client.load(inputStream);
for (String realImageName : imageSet) {
// 用户输入的信息
String userImageAddr = "harborip/zsl/"+fileName+":1.0";
String[] split = userImageAddr.split(":");
String imagesName = split[0];
String version = split[1];
log.info("split[0]=" +imagesName + ", split[1]=" + version);
// tag docker tag : 标记本地镜像,将其归入某一仓库
dockerClient.tagImageCmd(realImageName, imagesName, version).exec();
// push docker push : 将本地的镜像上传到镜像仓库
dockerClient.pushImageCmd(userImageAddr).start().awaitCompletion();
// 删除镜像
dockerClient.removeImageCmd(realImageName).exec();
dockerClient.removeImageCmd(userImageAddr).exec();
break;
}
log.info("推送成功");
} catch (DockerException e) {
log.error(String.valueOf(e));
} catch (Exception e) {
log.error("文件上传失败", e);
}
}
k8s镜像下发
public void runImage() throws ApiException {
String name = "nginx-11";
Map<String, String> labels = new HashMap<>();
labels.put("app","nginx");
V1ObjectMeta deployMeta = new V1ObjectMeta();
deployMeta.name(name).namespace("zsl").labels(labels);
V1ContainerPort v1ContainerPort = new V1ContainerPort().containerPort(80).hostPort(10008);
List<V1ContainerPort> containerPorts = new ArrayList<>();
containerPorts.add(v1ContainerPort);
//这里需要改为自己的镜像路径
V1Container v1Container = new V1Container().name(name)
.image("harborip/zsl/nginx.tar:1.0").ports(containerPorts);
List<V1Container> containers = new ArrayList<>();
containers.add(v1Container);
List<V1LocalObjectReference> imagePullSecrets = new ArrayList<>();
V1LocalObjectReference reference = new V1LocalObjectReference();
//这里需要改为k8s下发harbor私有仓库权限时的secret
reference.name("custom-hub");
imagePullSecrets.add(reference);
V1DeploymentSpec deploySpec =
new V1DeploymentSpec()
.replicas(1)
.selector(new V1LabelSelector().matchLabels(labels))
.template(new V1PodTemplateSpec()
.metadata(new V1ObjectMeta().labels(labels))
.spec(new V1PodSpec()
//.hostNetwork(true)
.imagePullSecrets(imagePullSecrets)
.nodeName("node1")
.containers(containers)));
V1Deployment v1Deployment =
new V1Deployment()
.apiVersion("apps/v1")
.kind("Deployment")
.metadata(deployMeta)
.spec(deploySpec);
//k8s需要创建namespace zsl
appsV1Api.createNamespacedDeployment("zsl",v1Deployment,null,null,null);
}
GitHub 加速计划 / ha / harbor
10
3
下载
Harbor 是一个开源的容器镜像仓库,用于存储和管理 Docker 镜像和其他容器镜像。 * 容器镜像仓库、存储和管理 Docker 镜像和其他容器镜像 * 有什么特点:支持多种镜像格式、易于使用、安全性和访问控制
最近提交(Master分支:6 个月前 )
45659070
Fix integration issue with UI
Signed-off-by: stonezdj <stone.zhang@broadcom.com> 2 天前
add0b600
chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp
Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp](https://github.com/open-telemetry/opentelemetry-go) from 1.31.0 to 1.34.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.31.0...v1.34.0)
---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 4 天前
旨在为数千万中国开发者提供一个无缝且高效的云端环境,以支持学习、使用和贡献开源项目。
更多推荐
2
0- 0
已为社区贡献1条内容
所有评论(0)