是否有gcloud API或其他命令行界面(CLI)来访问私有Google容器注册表中已发布的容器图像列表? (这是Google Cloud Platform项目中的容器注册表)
gcloud container似乎没有帮助:
$ gcloud container
Usage: gcloud container [optional flags] <group | command>
group may be clusters | operations
command may be get-server-config
Deploy and manage clusters of machines for running containers.
flags:
--zone ZONE, -z ZONE The compute zone (e.g. us-central1-a) for the cluster
global flags:
Run `gcloud -h` for a description of flags available to all commands.
command groups:
clusters Deploy and teardown Google Container Engine clusters.
operations Get and list operations for Google Container Engine
clusters.
commands:
get-server-config Get Container Engine server config.
我也不想使用gcloud docker列出图片,因为这需要连接到我没有的特定docker守护程序。除非有办法告诉gcloud docker连接到远程公共docker守护程序,该守护程序可以读取通过我的项目推送到注册表的私有容器。
答案 0 :(得分:13)
我们刚刚发布了一个新命令来列出存储库中的图像!您可以尝试使用:
gcloud alpha container images list --repository=gcr.io/$MYREPOSITORY
如果您想查看图片的特定标签,可以使用:
gcloud alpha container images list-tags gcr.io/$MYREPOSITORY/$MYIMAGE
答案 1 :(得分:3)
Robert Bailey给出的答案对某些任务有好处,但可能会错过你特别想做的事情。尽管如此,你回答他的答案的评论并不是他的答案的错误,而是你自己对什么命令失败的理解。实际上意味着做。
就你的第二条评论而言,
使用docker我收到以下错误(由于上述原因 以上;我还编辑了问题):
Cannot connect to the Docker daemon. Is the docker daemon running on this host?
这是docker守护程序未运行的结果。检查它是否通过ps aux | grep docker运行。您可以参考Docker documentation来确定如何正确安装和运行它。
就你的第一条评论而言,
使用curl我得到:
{"errors":[{"code":"DENIED","message":"Failed to read tags for repository '<my_project>/<my_image>'"}]}。我必须 以某种方式进行身份验证以访问私有注册表中的图像。一世 不想使用码头工具,因为这意味着我必须有一个码头工具 守护进程可用。我只想看一个带有的容器图像 特定版本在Container Registry中。所以我需要的是一个 Google Developer Console中容器注册表的API。
如果罗伯特的最新评论中提到的,除非你以某种方式在{{1}期间提供了一些好的oauth标题,否则你将无法curl图像,除非它是公开的。调用。
您应该使用gcloud docker尝试列出注册表中的图像,就像使用其他docker注册表一样。 curl命令组对于您所需的任务是错误的。您可以在下面看到gcloud container命令组gcloud version 96.0.0的输出(本评论的最新内容):
docker您应该使用$ gcloud docker
Usage: docker [OPTIONS] COMMAND [arg...]
docker daemon [ --help | ... ]
docker [ --help | -v | --version ]
A self-sufficient runtime for containers.
Options:
--config=~/.docker Location of client config files
-D, --debug=false Enable debug mode
--disable-legacy-registry=false Do not contact legacy registries
-H, --host=[] Daemon socket(s) to connect to
-h, --help=false Print usage
-l, --log-level=info Set the logging level
--tls=false Use TLS; implied by --tlsverify
--tlscacert=~/.docker/ca.pem Trust certs signed only by this CA
--tlscert=~/.docker/cert.pem Path to TLS certificate file
--tlskey=~/.docker/key.pem Path to TLS key file
--tlsverify=false Use TLS and verify the remote
-v, --version=false Print version information and quit
Commands:
attach Attach to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Export a container's filesystem as a tar archive
history Show the history of an image
images List images
import Import the contents from a tarball to create a filesystem image
info Display system-wide information
inspect Return low-level information on a container or image
kill Kill a running container
load Load an image from a tar archive or STDIN
login Register or log in to a Docker registry
logout Log out from a Docker registry
logs Fetch the logs of a container
network Manage Docker networks
pause Pause all processes within a container
port List port mappings or a specific mapping for the CONTAINER
ps List containers
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rename Rename a container
restart Restart a container
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save an image(s) to a tar archive
search Search the Docker Hub for images
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop a running container
tag Tag an image into a repository
top Display the running processes of a container
unpause Unpause all processes within a container
version Show the Docker version information
volume Manage Docker volumes
wait Block until a container stops, then print its exit code
Run 'docker COMMAND --help' for more information on a command.
来检查存储库中的图像。 gcloud docker search gcr.io/project-id拥有您的凭据,因此只要您在项目中以适当的用户身份进行身份验证,它就可以与私人注册管理机构进行通信。
最后,作为一项附加资源:Cloud Platform文档有一篇关于使用Google Container Registry的文章。
答案 2 :(得分:1)
如果您知道托管图片的项目(例如google-containers),您可以使用
gcloud docker search gcr.io/google_containers
对于单个图片(例如pause项目中的google-containers图片),您可以使用
curl https://gcr.io/v2/google-containers/pause/tags/list
答案 3 :(得分:1)
到目前为止,我没有可用的本地docker并且无法连接到远程docker(这仍然需要至少本地docker客户端但不需要运行本地守护程序)的最佳解决方案是SSH到容器集群运行docker并在那里完成搜索并在原始脚本中获取结果的实例:
gcloud compute ssh <container_cluster_instance> -C "sudo gcloud docker search ..."
当然,为了避免所有详细的输出(比如SSH / Terminal欢迎消息),我使用一些参数来静默执行:
gcloud compute ssh --ssh-flag="-q" "$INSTANCE_NAME" -o LogLevel=quiet -C "sudo gcloud docker search ..."
答案 4 :(得分:0)
我刚刚找到了一种检查特定图像的简单方法。在对curl -u "oauth2accesstoken:$(gcloud auth print-access-token)" https://gcr.io/v2/<projectName>/<imageName>/tags/list
进行身份验证后,使用它来生成访问令牌以便从您的私人注册表中进行读取:
$mail->isSMTP();
$mail->Host = MAIL_HOST;
$mail->SMTPAuth = MAIL_SMTPAUTH;
$mail->Username = MAIL_USERNAME;
$mail->Password = MAIL_PASSWORD;
$mail->SMTPSecure = MAIL_SMTPSECURE;
$mail->Port = MAIL_PORT;
$mail->addAddress($t);
$mail->Body = $body;
$vcal .= "BEGIN:VCALENDAR\n";
$vcal .= "VERSION:2.0\n";
$vcal .= "PRODID://Foobar Corporation//NONSGML Foobar//EN\n";
$vcal .= "METHOD:PUBLISH\n"; // requied by Outlook
$vcal .= "X-WR-CALNAME:PH2011\n";
$vcal .= "X-WR-TIMEZONE:Asia/Singapore\n";
$vcal .= "BEGIN:VEVENT\n";
$vcal .= "UID:".date('Ymd').'T'.date('His')."-".rand()."-example.com\n"; // required by Outlok
$vcal .= "DTSTAMP:".date('Ymd').'T'.date('His')."\n"; // required by Outlook
$vcal .= "DTSTART:$dtstart\n";
$vcal .= "DTEND:$dtend\r\n";
$vcal .= "SUMMARY:Your Summary Here\n";
$vcal .= "LOCATION: Your Location Here\n";
$vcal .= "DESCRIPTION: Your Description Here\n";
$vcal .= "END:VEVENT\n";
$vcal .= "END:VCALENDAR\n";
$headers = "From: $from\r\nReply-To: $from";
$headers .= "\r\nMIME-version: 1.0\r\nContent-Type: text/calendar; name=calendar.ics; method=REQUEST; charset=\"iso-8859-1\"";
$headers .= "\r\nContent-Transfer-Encoding: 7bit\r\nX-Mailer: Microsoft Office Outlook 12.0";
$mail->addCustomHeader($vcal);
$mail->addCustomHeader($headers);
$mail->send()