环境
- Ubuntu 22.04
准备
安装 skopeo
, jq
, podman
。
注:如果找不到 skopeo
,则编辑 /etc/apt/sources.list
文件,添加:
deb http://mirrors.kernel.org/ubuntu jammy main universe
然后再 apt-get install -y skopeo
。
把image复制到本地oci image
新建一个目录 0417
,在此目录下:
skopeo copy docker://nginx oci:local_nginx
如下:
root@kaiiias1:~/0417# skopeo copy docker://nginx oci:local_nginx
Getting image source signatures
Copying blob 13808c22b207 done
Copying blob 6fcdffcd79f0 done
Copying blob fbf231d461b3 done
Copying blob c9590dd9c988 done
Copying blob b4033143d859 done
Copying blob abaefc5fcbde done
Copying blob bcef83155b8b done
Copying config c613f16b66 done
Writing manifest to image destination
Storing signatures
用 tree
命令查看文件结构:
root@kaiiias1:~/0417/local_nginx# tree
.
├── blobs
│ └── sha256
│ ├── 13808c22b207b066ef43572e57e4fb8c6172e887dd9a918c089a174a19371b7a
│ ├── 6fcdffcd79f0bd371fceec96d609d4cc46b805002a2ea68c74b9d9925dfe5ec2
│ ├── abaefc5fcbdecd3accead79308cbc3482a41531d58e0be41c410291dfcf2fd60
│ ├── b4033143d8591983af6ede7fca9b1cffcbd3a47f7e149e9cbc5cd0c3047acbf2
│ ├── bcef83155b8b09f1fc20cba2072adf7c02d94e71564e8c68473e47ab4e303fbe
│ ├── c613f16b664244b150d1c3644cbc387ec1fe8376377f9419992280eb4a82ff3b
│ ├── c9590dd9c9881d041113ddd4f1deb5f056e23ecd5bf332b867d4f64a3f648bd2
│ ├── cd64407576751d9b9ba4924f758d3d39fe76a6e142c32169625b60934c95f057
│ └── fbf231d461b3db0da913cf2ab74e989cc3f79ba6d8c23d2bf2fdafd52a177f5a
├── index.json
└── oci-layout
2 directories, 11 files
oci-layout
文件如下:
{"imageLayoutVersion": "1.0.0"}
index.json
文件如下:
{
"schemaVersion": 2,
"manifests": [
{
"mediaType": "application/vnd.oci.image.manifest.v1+json",
"digest": "sha256:cd64407576751d9b9ba4924f758d3d39fe76a6e142c32169625b60934c95f057",
"size": 2295
}
]
}
该文件中提到了 cd64407576751d9b9ba4924f758d3d39fe76a6e142c32169625b60934c95f057
,这个digest也是一个文件,内容如下:
{
"schemaVersion": 2,
"mediaType": "application/vnd.oci.image.manifest.v1+json",
"config": {
"mediaType": "application/vnd.oci.image.config.v1+json",
"digest": "sha256:c613f16b664244b150d1c3644cbc387ec1fe8376377f9419992280eb4a82ff3b",
"size": 7001
},
"layers": [
{
"mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
"digest": "sha256:13808c22b207b066ef43572e57e4fb8c6172e887dd9a918c089a174a19371b7a",
"size": 29131358
},
{
"mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
"digest": "sha256:6fcdffcd79f0bd371fceec96d609d4cc46b805002a2ea68c74b9d9925dfe5ec2",
"size": 41387135
},
{
"mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
"digest": "sha256:fbf231d461b3db0da913cf2ab74e989cc3f79ba6d8c23d2bf2fdafd52a177f5a",
"size": 629
},
{
"mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
"digest": "sha256:c9590dd9c9881d041113ddd4f1deb5f056e23ecd5bf332b867d4f64a3f648bd2",
"size": 957
},
{
"mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
"digest": "sha256:b4033143d8591983af6ede7fca9b1cffcbd3a47f7e149e9cbc5cd0c3047acbf2",
"size": 394
},
{
"mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
"digest": "sha256:abaefc5fcbdecd3accead79308cbc3482a41531d58e0be41c410291dfcf2fd60",
"size": 1211
},
{
"mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
"digest": "sha256:bcef83155b8b09f1fc20cba2072adf7c02d94e71564e8c68473e47ab4e303fbe",
"size": 1401
}
],
"annotations": {
"com.docker.official-images.bashbrew.arch": "amd64",
"org.opencontainers.image.base.digest": "sha256:346dd1cba3caf44de9467ae428a9d38573f14665408acb80a615e2a7c3f9a2a4",
"org.opencontainers.image.base.name": "debian:bookworm-slim",
"org.opencontainers.image.created": "2024-02-14T18:24:57Z",
"org.opencontainers.image.revision": "1f227619c1f1baa0bed8bed844ea614437ff14fb",
"org.opencontainers.image.source": "https://github.com/nginxinc/docker-nginx.git#1f227619c1f1baa0bed8bed844ea614437ff14fb:mainline/debian",
"org.opencontainers.image.url": "https://hub.docker.com/_/nginx",
"org.opencontainers.image.version": "1.25.4"
}
}
c613f16b664244b150d1c3644cbc387ec1fe8376377f9419992280eb4a82ff3b
文件如下:
{
"architecture": "amd64",
"config": {
"ExposedPorts": {
"80/tcp": {}
},
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.25.4",
"NJS_VERSION=0.8.3",
"PKG_RELEASE=1~bookworm"
],
"Entrypoint": [
"/docker-entrypoint.sh"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"Labels": {
"maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>"
},
"StopSignal": "SIGQUIT",
"ArgsEscaped": true
},
"created": "2024-02-14T18:24:57Z",
"history": [
{
"created": "2024-02-14T18:24:57Z",
"created_by": "/bin/sh -c #(nop) ADD file:d4bb05cb4d403a78b4ab5cd8d620330659d5aeb25f847d104ebc02c3a0f32624 in / "
},
{
"created": "2024-02-14T18:24:57Z",
"created_by": "/bin/sh -c #(nop) CMD [\"bash\"]",
"empty_layer": true
},
{
"created": "2024-02-14T18:24:57Z",
"created_by": "LABEL maintainer=NGINX Docker Maintainers <docker-maint@nginx.com>",
"comment": "buildkit.dockerfile.v0",
"empty_layer": true
},
{
"created": "2024-02-14T18:24:57Z",
"created_by": "ENV NGINX_VERSION=1.25.4",
"comment": "buildkit.dockerfile.v0",
"empty_layer": true
},
{
"created": "2024-02-14T18:24:57Z",
"created_by": "ENV NJS_VERSION=0.8.3",
"comment": "buildkit.dockerfile.v0",
"empty_layer": true
},
{
"created": "2024-02-14T18:24:57Z",
"created_by": "ENV PKG_RELEASE=1~bookworm",
"comment": "buildkit.dockerfile.v0",
"empty_layer": true
},
{
"created": "2024-02-14T18:24:57Z",
"created_by": "RUN /bin/sh -c set -x && groupadd --system --gid 101 nginx && useradd --system --gid nginx --no-create-home --home /nonexistent --comment \"nginx user\" --shell /bin/false --uid 101 nginx && apt-get update && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 ca-certificates && NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; NGINX_GPGKEY_PATH=/usr/share/keyrings/nginx-archive-keyring.gpg; export GNUPGHOME=\"$(mktemp -d)\"; found=''; for server in hkp://keyserver.ubuntu.com:80 pgp.mit.edu ; do echo \"Fetching GPG key $NGINX_GPGKEY from $server\"; gpg1 --keyserver \"$server\" --keyserver-options timeout=10 --recv-keys \"$NGINX_GPGKEY\" && found=yes && break; done; test -z \"$found\" && echo >&2 \"error: failed to fetch GPG key $NGINX_GPGKEY\" && exit 1; gpg1 --export \"$NGINX_GPGKEY\" > \"$NGINX_GPGKEY_PATH\" ; rm -rf \"$GNUPGHOME\"; apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* && dpkgArch=\"$(dpkg --print-architecture)\" && nginxPackages=\" nginx=${NGINX_VERSION}-${PKG_RELEASE} nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} nginx-module-njs=${NGINX_VERSION}+${NJS_VERSION}-${PKG_RELEASE} \" && case \"$dpkgArch\" in amd64|arm64) echo \"deb [signed-by=$NGINX_GPGKEY_PATH] https://nginx.org/packages/mainline/debian/ bookworm nginx\" >> /etc/apt/sources.list.d/nginx.list && apt-get update ;; *) echo \"deb-src [signed-by=$NGINX_GPGKEY_PATH] https://nginx.org/packages/mainline/debian/ bookworm nginx\" >> /etc/apt/sources.list.d/nginx.list && tempDir=\"$(mktemp -d)\" && chmod 777 \"$tempDir\" && savedAptMark=\"$(apt-mark showmanual)\" && apt-get update && apt-get build-dep -y $nginxPackages && ( cd \"$tempDir\" && DEB_BUILD_OPTIONS=\"nocheck parallel=$(nproc)\" apt-get source --compile $nginxPackages ) && apt-mark showmanual | xargs apt-mark auto > /dev/null && { [ -z \"$savedAptMark\" ] || apt-mark manual $savedAptMark; } && ls -lAFh \"$tempDir\" && ( cd \"$tempDir\" && dpkg-scanpackages . > Packages ) && grep '^Package: ' \"$tempDir/Packages\" && echo \"deb [ trusted=yes ] file://$tempDir ./\" > /etc/apt/sources.list.d/temp.list && apt-get -o Acquire::GzipIndexes=false update ;; esac && apt-get install --no-install-recommends --no-install-suggests -y $nginxPackages gettext-base curl && apt-get remove --purge --auto-remove -y && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list && if [ -n \"$tempDir\" ]; then apt-get purge -y --auto-remove && rm -rf \"$tempDir\" /etc/apt/sources.list.d/temp.list; fi && ln -sf /dev/stdout /var/log/nginx/access.log && ln -sf /dev/stderr /var/log/nginx/error.log && mkdir /docker-entrypoint.d # buildkit",
"comment": "buildkit.dockerfile.v0"
},
{
"created": "2024-02-14T18:24:57Z",
"created_by": "COPY docker-entrypoint.sh / # buildkit",
"comment": "buildkit.dockerfile.v0"
},
{
"created": "2024-02-14T18:24:57Z",
"created_by": "COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d # buildkit",
"comment": "buildkit.dockerfile.v0"
},
{
"created": "2024-02-14T18:24:57Z",
"created_by": "COPY 15-local-resolvers.envsh /docker-entrypoint.d # buildkit",
"comment": "buildkit.dockerfile.v0"
},
{
"created": "2024-02-14T18:24:57Z",
"created_by": "COPY 20-envsubst-on-templates.sh /docker-entrypoint.d # buildkit",
"comment": "buildkit.dockerfile.v0"
},
{
"created": "2024-02-14T18:24:57Z",
"created_by": "COPY 30-tune-worker-processes.sh /docker-entrypoint.d # buildkit",
"comment": "buildkit.dockerfile.v0"
},
{
"created": "2024-02-14T18:24:57Z",
"created_by": "ENTRYPOINT [\"/docker-entrypoint.sh\"]",
"comment": "buildkit.dockerfile.v0",
"empty_layer": true
},
{
"created": "2024-02-14T18:24:57Z",
"created_by": "EXPOSE map[80/tcp:{}]",
"comment": "buildkit.dockerfile.v0",
"empty_layer": true
},
{
"created": "2024-02-14T18:24:57Z",
"created_by": "STOPSIGNAL SIGQUIT",
"comment": "buildkit.dockerfile.v0",
"empty_layer": true
},
{
"created": "2024-02-14T18:24:57Z",
"created_by": "CMD [\"nginx\" \"-g\" \"daemon off;\"]",
"comment": "buildkit.dockerfile.v0",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:1f00ff20147800878a4ebc9c283f79149a1dde5cc11d659c69d3a9c0bfeb7d4f",
"sha256:87a8a3a2ab9c3d41f20379bec1738481e4d260a9330f50faeb440db4bb43b21b",
"sha256:2ee294939e65b5486fa823365302c086df8a03ac6064c8a58ebcbb81a85baf86",
"sha256:c4484f227d5e1d3074ee6a30ffaa0bc67a13a1b83f5f198b5369be17ee07870f",
"sha256:4a4c3fe4d6e7c639c58d864abd3321ff89e06ed9fe0dda9cffa38cf75c279872",
"sha256:75960f7ec704b1afc47685bd8ae9be781c3c507d4b827e82f668ed63f1912703",
"sha256:fc62225e78901f7a6467f5844a42282275276096a98fcbd94371a8118db23b40"
]
}
}
用skopeo inspect image
skopeo inspect docker://nginx
root@kaiiias1:~/0417/local_nginx/blobs/sha256# skopeo inspect docker://nginx
{
"Name": "docker.io/library/nginx",
"Digest": "sha256:9ff236ed47fe39cf1f0acf349d0e5137f8b8a6fd0b46e5117a401010e56222e1",
"RepoTags": [
"1",
"1-alpine",
"1-alpine-otel",
......
"stable-bullseye",
"stable-bullseye-perl",
"stable-perl"
],
"Created": "2024-02-14T18:24:57Z",
"DockerVersion": "",
"Labels": {
"maintainer": "NGINX Docker Maintainers \u003cdocker-maint@nginx.com\u003e"
},
"Architecture": "amd64",
"Os": "linux",
"Layers": [
"sha256:13808c22b207b066ef43572e57e4fb8c6172e887dd9a918c089a174a19371b7a",
"sha256:6fcdffcd79f0bd371fceec96d609d4cc46b805002a2ea68c74b9d9925dfe5ec2",
"sha256:fbf231d461b3db0da913cf2ab74e989cc3f79ba6d8c23d2bf2fdafd52a177f5a",
"sha256:c9590dd9c9881d041113ddd4f1deb5f056e23ecd5bf332b867d4f64a3f648bd2",
"sha256:b4033143d8591983af6ede7fca9b1cffcbd3a47f7e149e9cbc5cd0c3047acbf2",
"sha256:abaefc5fcbdecd3accead79308cbc3482a41531d58e0be41c410291dfcf2fd60",
"sha256:bcef83155b8b09f1fc20cba2072adf7c02d94e71564e8c68473e47ab4e303fbe"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.25.4",
"NJS_VERSION=0.8.3",
"PKG_RELEASE=1~bookworm"
]
}
从本地oci image制作image
podman pull oci:/root/0417/local_nginx
root@kaiiias1:~/0417/local_nginx# podman pull oci:/root/0417/local_nginx
Getting image source signatures
Copying blob 13808c22b207 done
Copying blob 6fcdffcd79f0 done
Copying blob fbf231d461b3 done
Copying blob c9590dd9c988 done
Copying blob b4033143d859 done
Copying blob abaefc5fcbde done
Copying blob bcef83155b8b done
Copying config c613f16b66 done
Writing manifest to image destination
Storing signatures
c613f16b664244b150d1c3644cbc387ec1fe8376377f9419992280eb4a82ff3b
查看image:
podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost/root/0417/local_nginx latest c613f16b6642 2 months ago 191 MB
然后就可以tag和push了。
参考
- https://blog.csdn.net/cheng_fu/article/details/121623628