java通过k8s和harbor仓库上传下发镜像

harbor

Harbor 是一个开源的容器镜像仓库，用于存储和管理 Docker 镜像和其他容器镜像。 * 容器镜像仓库、存储和管理 Docker 镜像和其他容器镜像 * 有什么特点：支持多种镜像格式、易于使用、安全性和访问控制

项目地址：https://gitcode.com/gh_mirrors/ha/harbor

免费下载资源

songlinzheng

1656人浏览 · 2022-11-09 11:25:24

songlinzheng · 2022-11-09 11:25:24 发布

java上传下发镜像

搭建K8S集群
搭建harbor仓库
配置k8s从harbor私有仓库拉取镜像权限
docker使用https访问harbor仓库
java集成k8s的sdk
java集成docker的sdk
上传镜像到harbor仓库
k8s镜像下发

搭建K8S集群

https://blog.csdn.net/yy8623977/article/details/124685772

搭建harbor仓库

备注：使用https访问
https://www.pudn.com/news/6332c348272bb74d44061fdc.html

配置k8s从harbor私有仓库拉取镜像权限

https://blog.csdn.net/zhangfeng5909/article/details/90314884

docker使用https访问harbor仓库

将证书的.cert(即crt或cer，需要将后缀改为cert)，.key文件放入docker一下目录（需要自己创建）
/etc/docker/certs.d/harborIP/
重启docker
systemctl daemon-reload
systemctl restart docker

java集成k8s的sdk

<!-- k8s的javaSDK -->
        <dependency>
            <groupId>io.kubernetes</groupId>
            <artifactId>client-java</artifactId>
            <version>14.0.0</version>
        </dependency>

@Slf4j
@Configuration
public class ApiClientInit {

    @PostConstruct
    public void setDefaultApiClient() throws Exception {
        io.kubernetes.client.openapi.Configuration
                .setDefaultApiClient(
                        Config.fromConfig(
                                new ClassPathResource("config")
                                        .getInputStream()));
    }

    @Bean
    public CoreV1Api coreV1Api(){
        return new CoreV1Api();
    }

    @Bean
    public AppsV1Api appsV1Api(){
        return new AppsV1Api();
    }
}

将k8s配置文件引入到项目里
/etc/kubernetes/admin.conf
在这里插入图片描述

java集成docker的sdk

备注：使用https访问
https://zhuanlan.zhihu.com/p/424941132

<!--java操作docker -->
        <dependency>
            <groupId>com.github.docker-java</groupId>
            <artifactId>docker-java</artifactId>
            <version>3.2.13</version>
        </dependency>
        <!-- https://mvnrepository.com/artifact/com.spotify/docker-client -->
        <dependency>
            <groupId>com.spotify</groupId>
            <artifactId>docker-client</artifactId>
            <version>8.16.0</version>
        </dependency>

import com.github.dockerjava.api.DockerClient;
import com.github.dockerjava.core.DefaultDockerClientConfig;
import com.github.dockerjava.core.DockerClientConfig;
import com.github.dockerjava.core.DockerClientImpl;
import com.github.dockerjava.httpclient5.ApacheDockerHttpClient;
import com.github.dockerjava.transport.DockerHttpClient;
import com.spotify.docker.client.DefaultDockerClient;
import com.spotify.docker.client.DockerCertificates;
import com.spotify.docker.client.exceptions.DockerCertificateException;
import org.springframework.context.annotation.Bean;
import org.springframework.stereotype.Component;

import java.net.URI;
import java.nio.file.Paths;
import java.time.Duration;

@Component
public class DockerClientInit {

    @Bean("dockerClient")
    public DockerClient dockerClient() {
        //创建DefaultDockerClientConfig
        // 进行安全认证
        DockerClientConfig config = DefaultDockerClientConfig.createDefaultConfigBuilder()
                // 服务器ip
                .withDockerHost("tcp://dockerip:2375")
                .withApiVersion("1.12")
                .withDockerTlsVerify(true)
                .withDockerCertPath("D:/home")
                .withRegistryUrl("harborip")
                .withRegistryUsername("admin")
                .withRegistryPassword("Harbor12345")
                .build();
        //创建DockerHttpClient
        DockerHttpClient httpClient = new ApacheDockerHttpClient.Builder()
                .dockerHost(config.getDockerHost())
                .sslConfig(config.getSSLConfig())
                .maxConnections(100)
                .connectionTimeout(Duration.ofSeconds(30))
                .responseTimeout(Duration.ofSeconds(45))
                .build();
        return DockerClientImpl.getInstance(config, httpClient);
    }

    @Bean("client")
    public com.spotify.docker.client.DockerClient client() throws DockerCertificateException {
        return DefaultDockerClient.builder()
                .uri(URI.create("https://dockerip:2375"))
                .dockerCertificates(new DockerCertificates(Paths.get("D:/home")))
                .build();
    }
}

上传镜像到harbor仓库

备注：若完全使用此代码，file文件名需为xxx.tar，harbor需要创建zsl项目，harborip改为自己的ip,否则可能出错。我这里上传的是nginx.tar，下面下发也用的是nginx.tar，上传的镜像不同的话，下面下发镜像时也需要修改image拉取路径

@Override
    public void uploadImage(MultipartFile file) throws IOException {
        InputStream inputStream = file.getInputStream();
        String fileName = file.getOriginalFilename();
        uploadHarbor(inputStream,fileName);
    }

private void uploadHarbor(InputStream inputStream , String fileName) {
        log.info("上传文件名称：" + fileName);
        try {
            Set<String> imageSet = client.load(inputStream);
            for (String realImageName : imageSet) {
                // 用户输入的信息
                String userImageAddr = "harborip/zsl/"+fileName+":1.0";
                String[] split = userImageAddr.split(":");
                String imagesName = split[0];
                String version = split[1];
                log.info("split[0]=" +imagesName + ", split[1]=" + version);
                // tag   docker tag : 标记本地镜像，将其归入某一仓库
                dockerClient.tagImageCmd(realImageName, imagesName, version).exec();
                // push   docker push : 将本地的镜像上传到镜像仓库
                dockerClient.pushImageCmd(userImageAddr).start().awaitCompletion();
                // 删除镜像
                dockerClient.removeImageCmd(realImageName).exec();
                dockerClient.removeImageCmd(userImageAddr).exec();
                break;
            }
            log.info("推送成功");
        } catch (DockerException e) {
            log.error(String.valueOf(e));
        } catch (Exception e) {
            log.error("文件上传失败", e);
        }
    }

k8s镜像下发

public void runImage() throws ApiException {
        String name = "nginx-11";
        Map<String, String> labels = new HashMap<>();
        labels.put("app","nginx");
        V1ObjectMeta deployMeta = new V1ObjectMeta();
        deployMeta.name(name).namespace("zsl").labels(labels);


        V1ContainerPort v1ContainerPort = new V1ContainerPort().containerPort(80).hostPort(10008);
        List<V1ContainerPort> containerPorts = new ArrayList<>();
        containerPorts.add(v1ContainerPort);
		//这里需要改为自己的镜像路径
        V1Container v1Container = new V1Container().name(name)
                .image("harborip/zsl/nginx.tar:1.0").ports(containerPorts);

        List<V1Container> containers = new ArrayList<>();
        containers.add(v1Container);

        List<V1LocalObjectReference> imagePullSecrets = new ArrayList<>();
        V1LocalObjectReference reference = new V1LocalObjectReference();
        //这里需要改为k8s下发harbor私有仓库权限时的secret
        reference.name("custom-hub");
        imagePullSecrets.add(reference);

        V1DeploymentSpec deploySpec =
                new V1DeploymentSpec()
                        .replicas(1)
                        .selector(new V1LabelSelector().matchLabels(labels))
                        .template(new V1PodTemplateSpec()
                                .metadata(new V1ObjectMeta().labels(labels))
                                .spec(new V1PodSpec()
                                        //.hostNetwork(true)
                                        .imagePullSecrets(imagePullSecrets)
                                        .nodeName("node1")
                                        .containers(containers)));

        V1Deployment v1Deployment =
                new V1Deployment()
                        .apiVersion("apps/v1")
                        .kind("Deployment")
                        .metadata(deployMeta)
                        .spec(deploySpec);
                        //k8s需要创建namespace zsl
        appsV1Api.createNamespacedDeployment("zsl",v1Deployment,null,null,null);

    }

GitHub 加速计划 / ha / harbor

23.24 K

4.68 K

下载

最近提交(Master分支：2 个月前 )

9e55afbb pull image from registry.goharbor.io instead of dockerhub Update testcase to support Docker Image Can Be Pulled With Credential Change gitlab project name when user changed. Update permissions count and permission count total Change webhook_endpoint_ui Signed-off-by: stonezdj <stone.zhang@broadcom.com> Co-authored-by: Wang Yan <wangyan@vmware.com> 2 天前

3dbfd422 Signed-off-by: wang yan <wangyan@vmware.com> 2 天前

GitCode 开源社区

旨在为数千万中国开发者提供一个无缝且高效的云端环境，以支持学习、使用和贡献开源项目。

更多推荐

[转载]在Windows环境下安装GNU Radio

转自：在Windows环境下安装GNURadio_恐弱智_新浪博客GNU Radio是用Python开发的，大部分开源的工程能够在Linux环境下运行良好，而Windows下却运行的很勉强，而且安装配置都很复杂。GNU Radio算是个例外了，不光提供了Windows的二进制安装，还有比较详细的说明。我是Python小白，所以折腾了好久才弄好，特意记录下来，免得以后再装还折腾。GNU Radio的

GitCode 开源社区

centOS 8 使用dnf安装Docker

DNF是什么？CentOS 8使用YUM软件包管理器版本v4.0.4。现在，该版本使用DNF(已删除YUM)。DNF是软件包管理器。它会在Linux发行版上安装，执行更新并删除软件包。使用DNF安装Docker跳过具有损坏依赖性的程序包一个有效的解决方案是使您的CentOS 8系统使用以下--nobest命令安装最符合条件的版本：sudo dnf install docker...

GitCode 开源社区

定时同步数据库表(mysql+linux+crontab)

sync.sh里面的参数需要改变，ip/username/password/database/tablesync.sh#!/bin/sh# Please change the IP and password of the data source db.# Then change the table name.filename=/home/nington/db/$(date +%Y-%m