OCI镜像

环境

  • Ubuntu 22.04

准备

安装 skopeojqpodman

注:如果找不到 skopeo ,则编辑 /etc/apt/sources.list 文件,添加:

deb http://mirrors.kernel.org/ubuntu jammy main universe

然后再 apt-get install -y skopeo

把image复制到本地oci image

新建一个目录 0417 ,在此目录下:

skopeo copy docker://nginx oci:local_nginx

如下:

root@kaiiias1:~/0417# skopeo copy docker://nginx oci:local_nginx
Getting image source signatures
Copying blob 13808c22b207 done
Copying blob 6fcdffcd79f0 done
Copying blob fbf231d461b3 done
Copying blob c9590dd9c988 done
Copying blob b4033143d859 done
Copying blob abaefc5fcbde done
Copying blob bcef83155b8b done
Copying config c613f16b66 done
Writing manifest to image destination
Storing signatures

tree 命令查看文件结构:

root@kaiiias1:~/0417/local_nginx# tree
.
├── blobs
│   └── sha256
│       ├── 13808c22b207b066ef43572e57e4fb8c6172e887dd9a918c089a174a19371b7a
│       ├── 6fcdffcd79f0bd371fceec96d609d4cc46b805002a2ea68c74b9d9925dfe5ec2
│       ├── abaefc5fcbdecd3accead79308cbc3482a41531d58e0be41c410291dfcf2fd60
│       ├── b4033143d8591983af6ede7fca9b1cffcbd3a47f7e149e9cbc5cd0c3047acbf2
│       ├── bcef83155b8b09f1fc20cba2072adf7c02d94e71564e8c68473e47ab4e303fbe
│       ├── c613f16b664244b150d1c3644cbc387ec1fe8376377f9419992280eb4a82ff3b
│       ├── c9590dd9c9881d041113ddd4f1deb5f056e23ecd5bf332b867d4f64a3f648bd2
│       ├── cd64407576751d9b9ba4924f758d3d39fe76a6e142c32169625b60934c95f057
│       └── fbf231d461b3db0da913cf2ab74e989cc3f79ba6d8c23d2bf2fdafd52a177f5a
├── index.json
└── oci-layout

2 directories, 11 files

oci-layout 文件如下:

{"imageLayoutVersion": "1.0.0"}

index.json 文件如下:

{
  "schemaVersion": 2,
  "manifests": [
    {
      "mediaType": "application/vnd.oci.image.manifest.v1+json",
      "digest": "sha256:cd64407576751d9b9ba4924f758d3d39fe76a6e142c32169625b60934c95f057",
      "size": 2295
    }
  ]
}

该文件中提到了 cd64407576751d9b9ba4924f758d3d39fe76a6e142c32169625b60934c95f057 ,这个digest也是一个文件,内容如下:

{
  "schemaVersion": 2,
  "mediaType": "application/vnd.oci.image.manifest.v1+json",
  "config": {
    "mediaType": "application/vnd.oci.image.config.v1+json",
    "digest": "sha256:c613f16b664244b150d1c3644cbc387ec1fe8376377f9419992280eb4a82ff3b",
    "size": 7001
  },
  "layers": [
    {
      "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
      "digest": "sha256:13808c22b207b066ef43572e57e4fb8c6172e887dd9a918c089a174a19371b7a",
      "size": 29131358
    },
    {
      "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
      "digest": "sha256:6fcdffcd79f0bd371fceec96d609d4cc46b805002a2ea68c74b9d9925dfe5ec2",
      "size": 41387135
    },
    {
      "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
      "digest": "sha256:fbf231d461b3db0da913cf2ab74e989cc3f79ba6d8c23d2bf2fdafd52a177f5a",
      "size": 629
    },
    {
      "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
      "digest": "sha256:c9590dd9c9881d041113ddd4f1deb5f056e23ecd5bf332b867d4f64a3f648bd2",
      "size": 957
    },
    {
      "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
      "digest": "sha256:b4033143d8591983af6ede7fca9b1cffcbd3a47f7e149e9cbc5cd0c3047acbf2",
      "size": 394
    },
    {
      "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
      "digest": "sha256:abaefc5fcbdecd3accead79308cbc3482a41531d58e0be41c410291dfcf2fd60",
      "size": 1211
    },
    {
      "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
      "digest": "sha256:bcef83155b8b09f1fc20cba2072adf7c02d94e71564e8c68473e47ab4e303fbe",
      "size": 1401
    }
  ],
  "annotations": {
    "com.docker.official-images.bashbrew.arch": "amd64",
    "org.opencontainers.image.base.digest": "sha256:346dd1cba3caf44de9467ae428a9d38573f14665408acb80a615e2a7c3f9a2a4",
    "org.opencontainers.image.base.name": "debian:bookworm-slim",
    "org.opencontainers.image.created": "2024-02-14T18:24:57Z",
    "org.opencontainers.image.revision": "1f227619c1f1baa0bed8bed844ea614437ff14fb",
    "org.opencontainers.image.source": "https://github.com/nginxinc/docker-nginx.git#1f227619c1f1baa0bed8bed844ea614437ff14fb:mainline/debian",
    "org.opencontainers.image.url": "https://hub.docker.com/_/nginx",
    "org.opencontainers.image.version": "1.25.4"
  }
}

c613f16b664244b150d1c3644cbc387ec1fe8376377f9419992280eb4a82ff3b 文件如下:

{
  "architecture": "amd64",
  "config": {
    "ExposedPorts": {
      "80/tcp": {}
    },
    "Env": [
      "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
      "NGINX_VERSION=1.25.4",
      "NJS_VERSION=0.8.3",
      "PKG_RELEASE=1~bookworm"
    ],
    "Entrypoint": [
      "/docker-entrypoint.sh"
    ],
    "Cmd": [
      "nginx",
      "-g",
      "daemon off;"
    ],
    "Labels": {
      "maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>"
    },
    "StopSignal": "SIGQUIT",
    "ArgsEscaped": true
  },
  "created": "2024-02-14T18:24:57Z",
  "history": [
    {
      "created": "2024-02-14T18:24:57Z",
      "created_by": "/bin/sh -c #(nop) ADD file:d4bb05cb4d403a78b4ab5cd8d620330659d5aeb25f847d104ebc02c3a0f32624 in / "
    },
    {
      "created": "2024-02-14T18:24:57Z",
      "created_by": "/bin/sh -c #(nop)  CMD [\"bash\"]",
      "empty_layer": true
    },
    {
      "created": "2024-02-14T18:24:57Z",
      "created_by": "LABEL maintainer=NGINX Docker Maintainers <docker-maint@nginx.com>",
      "comment": "buildkit.dockerfile.v0",
      "empty_layer": true
    },
    {
      "created": "2024-02-14T18:24:57Z",
      "created_by": "ENV NGINX_VERSION=1.25.4",
      "comment": "buildkit.dockerfile.v0",
      "empty_layer": true
    },
    {
      "created": "2024-02-14T18:24:57Z",
      "created_by": "ENV NJS_VERSION=0.8.3",
      "comment": "buildkit.dockerfile.v0",
      "empty_layer": true
    },
    {
      "created": "2024-02-14T18:24:57Z",
      "created_by": "ENV PKG_RELEASE=1~bookworm",
      "comment": "buildkit.dockerfile.v0",
      "empty_layer": true
    },
    {
      "created": "2024-02-14T18:24:57Z",
      "created_by": "RUN /bin/sh -c set -x     && groupadd --system --gid 101 nginx     && useradd --system --gid nginx --no-create-home --home /nonexistent --comment \"nginx user\" --shell /bin/false --uid 101 nginx     && apt-get update     && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 ca-certificates     &&     NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62;     NGINX_GPGKEY_PATH=/usr/share/keyrings/nginx-archive-keyring.gpg;     export GNUPGHOME=\"$(mktemp -d)\";     found='';     for server in         hkp://keyserver.ubuntu.com:80         pgp.mit.edu     ; do         echo \"Fetching GPG key $NGINX_GPGKEY from $server\";         gpg1 --keyserver \"$server\" --keyserver-options timeout=10 --recv-keys \"$NGINX_GPGKEY\" && found=yes && break;     done;     test -z \"$found\" && echo >&2 \"error: failed to fetch GPG key $NGINX_GPGKEY\" && exit 1;     gpg1 --export \"$NGINX_GPGKEY\" > \"$NGINX_GPGKEY_PATH\" ;     rm -rf \"$GNUPGHOME\";     apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/*     && dpkgArch=\"$(dpkg --print-architecture)\"     && nginxPackages=\"         nginx=${NGINX_VERSION}-${PKG_RELEASE}         nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE}         nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE}         nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE}         nginx-module-njs=${NGINX_VERSION}+${NJS_VERSION}-${PKG_RELEASE}     \"     && case \"$dpkgArch\" in         amd64|arm64)             echo \"deb [signed-by=$NGINX_GPGKEY_PATH] https://nginx.org/packages/mainline/debian/ bookworm nginx\" >> /etc/apt/sources.list.d/nginx.list             && apt-get update             ;;         *)             echo \"deb-src [signed-by=$NGINX_GPGKEY_PATH] https://nginx.org/packages/mainline/debian/ bookworm nginx\" >> /etc/apt/sources.list.d/nginx.list                         && tempDir=\"$(mktemp -d)\"             && chmod 777 \"$tempDir\"                         && savedAptMark=\"$(apt-mark showmanual)\"                         && apt-get update             && apt-get build-dep -y $nginxPackages             && (                 cd \"$tempDir\"                 && DEB_BUILD_OPTIONS=\"nocheck parallel=$(nproc)\"                     apt-get source --compile $nginxPackages             )                         && apt-mark showmanual | xargs apt-mark auto > /dev/null             && { [ -z \"$savedAptMark\" ] || apt-mark manual $savedAptMark; }                         && ls -lAFh \"$tempDir\"             && ( cd \"$tempDir\" && dpkg-scanpackages . > Packages )             && grep '^Package: ' \"$tempDir/Packages\"             && echo \"deb [ trusted=yes ] file://$tempDir ./\" > /etc/apt/sources.list.d/temp.list             && apt-get -o Acquire::GzipIndexes=false update             ;;     esac         && apt-get install --no-install-recommends --no-install-suggests -y                         $nginxPackages                         gettext-base                         curl     && apt-get remove --purge --auto-remove -y && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list         && if [ -n \"$tempDir\" ]; then         apt-get purge -y --auto-remove         && rm -rf \"$tempDir\" /etc/apt/sources.list.d/temp.list;     fi     && ln -sf /dev/stdout /var/log/nginx/access.log     && ln -sf /dev/stderr /var/log/nginx/error.log     && mkdir /docker-entrypoint.d # buildkit",
      "comment": "buildkit.dockerfile.v0"
    },
    {
      "created": "2024-02-14T18:24:57Z",
      "created_by": "COPY docker-entrypoint.sh / # buildkit",
      "comment": "buildkit.dockerfile.v0"
    },
    {
      "created": "2024-02-14T18:24:57Z",
      "created_by": "COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d # buildkit",
      "comment": "buildkit.dockerfile.v0"
    },
    {
      "created": "2024-02-14T18:24:57Z",
      "created_by": "COPY 15-local-resolvers.envsh /docker-entrypoint.d # buildkit",
      "comment": "buildkit.dockerfile.v0"
    },
    {
      "created": "2024-02-14T18:24:57Z",
      "created_by": "COPY 20-envsubst-on-templates.sh /docker-entrypoint.d # buildkit",
      "comment": "buildkit.dockerfile.v0"
    },
    {
      "created": "2024-02-14T18:24:57Z",
      "created_by": "COPY 30-tune-worker-processes.sh /docker-entrypoint.d # buildkit",
      "comment": "buildkit.dockerfile.v0"
    },
    {
      "created": "2024-02-14T18:24:57Z",
      "created_by": "ENTRYPOINT [\"/docker-entrypoint.sh\"]",
      "comment": "buildkit.dockerfile.v0",
      "empty_layer": true
    },
    {
      "created": "2024-02-14T18:24:57Z",
      "created_by": "EXPOSE map[80/tcp:{}]",
      "comment": "buildkit.dockerfile.v0",
      "empty_layer": true
    },
    {
      "created": "2024-02-14T18:24:57Z",
      "created_by": "STOPSIGNAL SIGQUIT",
      "comment": "buildkit.dockerfile.v0",
      "empty_layer": true
    },
    {
      "created": "2024-02-14T18:24:57Z",
      "created_by": "CMD [\"nginx\" \"-g\" \"daemon off;\"]",
      "comment": "buildkit.dockerfile.v0",
      "empty_layer": true
    }
  ],
  "os": "linux",
  "rootfs": {
    "type": "layers",
    "diff_ids": [
      "sha256:1f00ff20147800878a4ebc9c283f79149a1dde5cc11d659c69d3a9c0bfeb7d4f",
      "sha256:87a8a3a2ab9c3d41f20379bec1738481e4d260a9330f50faeb440db4bb43b21b",
      "sha256:2ee294939e65b5486fa823365302c086df8a03ac6064c8a58ebcbb81a85baf86",
      "sha256:c4484f227d5e1d3074ee6a30ffaa0bc67a13a1b83f5f198b5369be17ee07870f",
      "sha256:4a4c3fe4d6e7c639c58d864abd3321ff89e06ed9fe0dda9cffa38cf75c279872",
      "sha256:75960f7ec704b1afc47685bd8ae9be781c3c507d4b827e82f668ed63f1912703",
      "sha256:fc62225e78901f7a6467f5844a42282275276096a98fcbd94371a8118db23b40"
    ]
  }
}

用skopeo inspect image

skopeo inspect docker://nginx
root@kaiiias1:~/0417/local_nginx/blobs/sha256# skopeo inspect docker://nginx
{
    "Name": "docker.io/library/nginx",
    "Digest": "sha256:9ff236ed47fe39cf1f0acf349d0e5137f8b8a6fd0b46e5117a401010e56222e1",
    "RepoTags": [
        "1",
        "1-alpine",
        "1-alpine-otel",
......
        "stable-bullseye",
        "stable-bullseye-perl",
        "stable-perl"
    ],
    "Created": "2024-02-14T18:24:57Z",
    "DockerVersion": "",
    "Labels": {
        "maintainer": "NGINX Docker Maintainers \u003cdocker-maint@nginx.com\u003e"
    },
    "Architecture": "amd64",
    "Os": "linux",
    "Layers": [
        "sha256:13808c22b207b066ef43572e57e4fb8c6172e887dd9a918c089a174a19371b7a",
        "sha256:6fcdffcd79f0bd371fceec96d609d4cc46b805002a2ea68c74b9d9925dfe5ec2",
        "sha256:fbf231d461b3db0da913cf2ab74e989cc3f79ba6d8c23d2bf2fdafd52a177f5a",
        "sha256:c9590dd9c9881d041113ddd4f1deb5f056e23ecd5bf332b867d4f64a3f648bd2",
        "sha256:b4033143d8591983af6ede7fca9b1cffcbd3a47f7e149e9cbc5cd0c3047acbf2",
        "sha256:abaefc5fcbdecd3accead79308cbc3482a41531d58e0be41c410291dfcf2fd60",
        "sha256:bcef83155b8b09f1fc20cba2072adf7c02d94e71564e8c68473e47ab4e303fbe"
    ],
    "Env": [
        "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
        "NGINX_VERSION=1.25.4",
        "NJS_VERSION=0.8.3",
        "PKG_RELEASE=1~bookworm"
    ]
}

从本地oci image制作image

podman pull oci:/root/0417/local_nginx
root@kaiiias1:~/0417/local_nginx# podman pull oci:/root/0417/local_nginx
Getting image source signatures
Copying blob 13808c22b207 done
Copying blob 6fcdffcd79f0 done
Copying blob fbf231d461b3 done
Copying blob c9590dd9c988 done
Copying blob b4033143d859 done
Copying blob abaefc5fcbde done
Copying blob bcef83155b8b done
Copying config c613f16b66 done
Writing manifest to image destination
Storing signatures
c613f16b664244b150d1c3644cbc387ec1fe8376377f9419992280eb4a82ff3b

查看image:

podman images
REPOSITORY                       TAG         IMAGE ID      CREATED       SIZE
localhost/root/0417/local_nginx  latest      c613f16b6642  2 months ago  191 MB

然后就可以tag和push了。

参考

  • https://blog.csdn.net/cheng_fu/article/details/121623628
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值