java通过k8s和harbor仓库上传下发镜像

搭建K8S集群

https://blog.csdn.net/yy8623977/article/details/124685772

搭建harbor仓库

备注：使用https访问
https://www.pudn.com/news/6332c348272bb74d44061fdc.html

配置k8s从harbor私有仓库拉取镜像权限

https://blog.csdn.net/zhangfeng5909/article/details/90314884

docker使用https访问harbor仓库

将证书的.cert(即crt或cer，需要将后缀改为cert)，.key文件放入docker一下目录（需要自己创建）
/etc/docker/certs.d/harborIP/
重启docker
systemctl daemon-reload
systemctl restart docker

java集成k8s的sdk

<!-- k8s的javaSDK -->
        <dependency>
            <groupId>io.kubernetes</groupId>
            <artifactId>client-java</artifactId>
            <version>14.0.0</version>
        </dependency>

@Slf4j
@Configuration
public class ApiClientInit {

    @PostConstruct
    public void setDefaultApiClient() throws Exception {
        io.kubernetes.client.openapi.Configuration
                .setDefaultApiClient(
                        Config.fromConfig(
                                new ClassPathResource("config")
                                        .getInputStream()));
    }

    @Bean
    public CoreV1Api coreV1Api(){
        return new CoreV1Api();
    }

    @Bean
    public AppsV1Api appsV1Api(){
        return new AppsV1Api();
    }
}

将k8s配置文件引入到项目里
/etc/kubernetes/admin.conf

java集成docker的sdk

备注：使用https访问
https://zhuanlan.zhihu.com/p/424941132

<!--java操作docker -->
        <dependency>
            <groupId>com.github.docker-java</groupId>
            <artifactId>docker-java</artifactId>
            <version>3.2.13</version>
        </dependency>
        <!-- https://mvnrepository.com/artifact/com.spotify/docker-client -->
        <dependency>
            <groupId>com.spotify</groupId>
            <artifactId>docker-client</artifactId>
            <version>8.16.0</version>
        </dependency>

import com.github.dockerjava.api.DockerClient;
import com.github.dockerjava.core.DefaultDockerClientConfig;
import com.github.dockerjava.core.DockerClientConfig;
import com.github.dockerjava.core.DockerClientImpl;
import com.github.dockerjava.httpclient5.ApacheDockerHttpClient;
import com.github.dockerjava.transport.DockerHttpClient;
import com.spotify.docker.client.DefaultDockerClient;
import com.spotify.docker.client.DockerCertificates;
import com.spotify.docker.client.exceptions.DockerCertificateException;
import org.springframework.context.annotation.Bean;
import org.springframework.stereotype.Component;

import java.net.URI;
import java.nio.file.Paths;
import java.time.Duration;

@Component
public class DockerClientInit {

    @Bean("dockerClient")
    public DockerClient dockerClient() {
        //创建DefaultDockerClientConfig
        // 进行安全认证
        DockerClientConfig config = DefaultDockerClientConfig.createDefaultConfigBuilder()
                // 服务器ip
                .withDockerHost("tcp://dockerip:2375")
                .withApiVersion("1.12")
                .withDockerTlsVerify(true)
                .withDockerCertPath("D:/home")
                .withRegistryUrl("harborip")
                .withRegistryUsername("admin")
                .withRegistryPassword("Harbor12345")
                .build();
        //创建DockerHttpClient
        DockerHttpClient httpClient = new ApacheDockerHttpClient.Builder()
                .dockerHost(config.getDockerHost())
                .sslConfig(config.getSSLConfig())
                .maxConnections(100)
                .connectionTimeout(Duration.ofSeconds(30))
                .responseTimeout(Duration.ofSeconds(45))
                .build();
        return DockerClientImpl.getInstance(config, httpClient);
    }

    @Bean("client")
    public com.spotify.docker.client.DockerClient client() throws DockerCertificateException {
        return DefaultDockerClient.builder()
                .uri(URI.create("https://dockerip:2375"))
                .dockerCertificates(new DockerCertificates(Paths.get("D:/home")))
                .build();
    }
}

上传镜像到harbor仓库

备注：若完全使用此代码，file文件名需为xxx.tar，harbor需要创建zsl项目，harborip改为自己的ip,否则可能出错。我这里上传的是nginx.tar，下面下发也用的是nginx.tar，上传的镜像不同的话，下面下发镜像时也需要修改image拉取路径

@Override
    public void uploadImage(MultipartFile file) throws IOException {
        InputStream inputStream = file.getInputStream();
        String fileName = file.getOriginalFilename();
        uploadHarbor(inputStream,fileName);
    }

private void uploadHarbor(InputStream inputStream , String fileName) {
        log.info("上传文件名称：" + fileName);
        try {
            Set<String> imageSet = client.load(inputStream);
            for (String realImageName : imageSet) {
                // 用户输入的信息
                String userImageAddr = "harborip/zsl/"+fileName+":1.0";
                String[] split = userImageAddr.split(":");
                String imagesName = split[0];
                String version = split[1];
                log.info("split[0]=" +imagesName + ", split[1]=" + version);
                // tag   docker tag : 标记本地镜像，将其归入某一仓库
                dockerClient.tagImageCmd(realImageName, imagesName, version).exec();
                // push   docker push : 将本地的镜像上传到镜像仓库
                dockerClient.pushImageCmd(userImageAddr).start().awaitCompletion();
                // 删除镜像
                dockerClient.removeImageCmd(realImageName).exec();
                dockerClient.removeImageCmd(userImageAddr).exec();
                break;
            }
            log.info("推送成功");
        } catch (DockerException e) {
            log.error(String.valueOf(e));
        } catch (Exception e) {
            log.error("文件上传失败", e);
        }
    }

k8s镜像下发

public void runImage() throws ApiException {
        String name = "nginx-11";
        Map<String, String> labels = new HashMap<>();
        labels.put("app","nginx");
        V1ObjectMeta deployMeta = new V1ObjectMeta();
        deployMeta.name(name).namespace("zsl").labels(labels);


        V1ContainerPort v1ContainerPort = new V1ContainerPort().containerPort(80).hostPort(10008);
        List<V1ContainerPort> containerPorts = new ArrayList<>();
        containerPorts.add(v1ContainerPort);
		//这里需要改为自己的镜像路径
        V1Container v1Container = new V1Container().name(name)
                .image("harborip/zsl/nginx.tar:1.0").ports(containerPorts);

        List<V1Container> containers = new ArrayList<>();
        containers.add(v1Container);

        List<V1LocalObjectReference> imagePullSecrets = new ArrayList<>();
        V1LocalObjectReference reference = new V1LocalObjectReference();
        //这里需要改为k8s下发harbor私有仓库权限时的secret
        reference.name("custom-hub");
        imagePullSecrets.add(reference);

        V1DeploymentSpec deploySpec =
                new V1DeploymentSpec()
                        .replicas(1)
                        .selector(new V1LabelSelector().matchLabels(labels))
                        .template(new V1PodTemplateSpec()
                                .metadata(new V1ObjectMeta().labels(labels))
                                .spec(new V1PodSpec()
                                        //.hostNetwork(true)
                                        .imagePullSecrets(imagePullSecrets)
                                        .nodeName("node1")
                                        .containers(containers)));

        V1Deployment v1Deployment =
                new V1Deployment()
                        .apiVersion("apps/v1")
                        .kind("Deployment")
                        .metadata(deployMeta)
                        .spec(deploySpec);
                        //k8s需要创建namespace zsl
        appsV1Api.createNamespacedDeployment("zsl",v1Deployment,null,null,null);

    }