• Cloud Container Engine

cce
  1. Help Center
  2. Cloud Container Engine
  3. User Guide
  4. Getting Started
  5. Uploading Container Images

Uploading Container Images

After container images are built, upload them from the Docker client to the private container registry. The Docker client must have the permission to access the private container registry. Otherwise, the images cannot be uploaded.

Prerequisites

  • You have registered an account to the management console.
  • Docker 1.10.0 or a later version has been installed.

    You can download Docker at https://www.docker.com/ and install it by following the instructions provided at https://docs.docker.com/.

  • The frontendredis, and redisslave images of the Guestbook application have been built on the Docker client.
    • frontend is the container image of the Frontend component.
    • redis is the container image of the Redis_master component.
    • redisslave is the container image of the Redis_slave component.
  • Your valid AK/SK file has been uploaded to the CCE.

Procedure

  1. Connect the Docker client to the private container registry.

    1. In the navigation pane of the CCE console, choose Container Registry. On the Container Registry page, choose Upload Container Image > Download a certificate file to download the dockercfg file.
      Figure 1 Downloading a certificate file
      NOTE:

      After you click Download a certificate file, different browsers will respond differently. For some browsers, the browser downloads the dockercfg file to the local default directory automatically. For other browsers, you are prompted to confirm whether to open or save the downloaded dockercfg file.

      Example content in the dockercfg file:
      {"auths":{"172.20.124.81:443":{"auth":"****","email":""}}}

      In the example file, 172.20.124.81:443 is an example address of the container registry.

    2. Log in to your Docker client as the root user or any other user who is authorized to perform Docker operations. Run the following command to open the ~/.docker directory:
      cd ~/.docker
      NOTE:
      • If the ~/.docker directory does not exist on the Docker client, run the mkdir -p ~/.docker command to create a new one.
      • If your Docker client runs a Windows operating system, the config.json file is located in the %USERPROFILE%/.docker directory instead of the ~/.docker directory.
    3. Run the vi config.json command to copy the content of the dockercfg file to the config.json file.
    4. Authorize the Docker client to access the private container registry.
      NOTE:

      Docker 17.05.0-ce is an example Docker version. Settings of Docker parameters vary with Docker version and OS. For more information on how to configure Docker parameters, visit https://docs.docker.com/datacenter/dtr/2.0/configure/config-security/.

      • Ubuntu 14.04:

        Run the following command to add the container registry address (for example, 172.20.127.81:443) obtained in 1.a to the end of the "DOCKER_OPTS=--insecure-registry" line:

        vi /etc/default/docker

        Expected settings:

        # Use DOCKER_OPTS to modify the daemon startup options.
        DOCKER_OPTS="--insecure-registry 172.20.124.81:443"

        Run the following command to restart Docker:

        service docker restart

      • Ubuntu 16.04:
        Set the insecure-registries parameter in the  /etc/docker/daemon.json file to the container registry address obtained in  1.a.
        {
        "insecure-registries": ["172.20.124.81:443"]
        }

        Run the following command to restart Docker:

        systemctl daemon-reload

        service docker restart

      • CentOS and similar distributions (for example, CentOS 7.3):

        Run the following command to obtain the path in which the Docker configuration file is located:

        service docker status

        At the line starting with Loaded, you will find the path in which the Docker configuration file is located.

        Example command output:

        # service docker status
        Redirecting to /bin/systemctl status docker.service
        docker.service - Docker Application Container Engine
           Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled)
           Active: active (running) since Sat 2017-05-20 10:41:14 CST; 16min ago
             Docs: https://docs.docker.com

        Run the following command to add the container image address obtained in 1.a to the end of "--insecure-registry" at the line starting with ExecStart:

        vi /usr/lib/systemd/system/docker.service

        Expected settings:

        [Service]
        Type=notify
        ExecStart=/usr/bin/dockerd  --insecure-registry 172.20.124.81:443

        Run the following commands to restart Docker:

        systemctl daemon-reload

        service docker restart

      • OSX:

        On the Daemon tab page of Docker GUI, add the container registry address obtained in 1.a to the Insecure registries list. Then restart Docker.

      • Windows 10:

        On the Daemon tab page of Docker GUI, add the container registry address obtained in 1.a to the Insecure registries list. Then restart Docker.

      • OS Yosemite 10.10.2 or earlier; Windows 7 or earlier:
        1. Run the docker-machine ssh or boot2docker ssh command to log in to your Docker client.
        2. Add the container registry address obtained in 1.a to the configuration option EXTRA_ARGS in the /var/lib/boot2docker/profile file of your Docker client.
        EXTRA_ARGS='
        --label provider=virtualbox
        --insecure-registry 172.20.124.81:443
        '
        CACERT=/var/lib/boot2docker/ca.pem
        DOCKER_HOST='-H tcp://0.0.0.0:2376'
        DOCKER_STORAGE=aufs
        DOCKER_TLS=auto
        SERVERKEY=/var/lib/boot2docker/server-key.pem
        SERVERCERT=/var/lib/boot2docker/server.pem

        Run the following command to restart Docker:

        service docker restart

  2. Run the following command to tag frontendredis, and redisslave images.

    Command syntax:

    docker tag images_id 172.20.124.81:443/domain_name/image_name:version

    In this command:

    • images_id is the container image ID.
    • 172.20.124.81:443 is the address of the private container registry obtained in 1.a.
    • domain_name is the Domain Name used for uploading container images.

      The value of domain_name parameter must be a string of lowercase letters without space.

      For example, your domain_name can be something like: OTC00000000001000010622 and can be found under the MyCredentials page in your OTC.

    • image_name is the container image name.
    • version is the container image version.

    To query the container image ID, image name, and image version, run the following command:

    docker images

    Example commands for tagging container images:

    docker tag c9fd36df346a 172.20.124.81:443/otc00000000001000010622/frontend:latest

    docker tag e9d5f05942ad 172.20.124.81:443/otc00000000001000010622/redis:latest

    docker tag 5f026ddffa27 172.20.124.81:443/otc00000000001000010622/redisslave:latest

  3. Run the following command to upload frontendredis, and redisslave images:

    Command syntax:

    docker push 172.20.124.81:443/domain_name/image_name:version

    In this command:

    • 172.20.124.81:443 is the address of the container registry.
    • domain_name is the Domain Name used for uploading container images.

      The value of domain_name parameter must be a string of lowercase letters without space. For example, your domain_name can be something like: OTC00000000001000010622 and can be found under the MyCredentials page in your OTC.

    • image_name is the container image name.
    • version is the container image version number.

    Example commands:

    docker push 172.20.124.81:443/otc00000000001000010622/frontend:latest

    docker push 172.20.124.81:443/otc00000000001000010622/redis:latest

    docker push 172.20.124.81:443/otc00000000001000010622/redisslave:latest

    After the container images are uploaded successfully, information similar to the following is displayed:

    The push refers to a repository [172.20.124.81:443/otc00000000001000010622/redisslave] 
    ...... 
    latest:digest:sha256:e59050aa3ed5c08fe9907a3ca0198cc85892c77ae17d90f4c54775691432827a size: 12019

    To view the uploaded container images, choose Container Registry in the navigation pane of the CCE console. The uploaded images are then displayed in the right-hand side of the CCE console.

    Figure 2 List of private container images