diff --git a/.github/ojobs/getVersions.yaml b/.github/ojobs/getVersions.yaml index 6533a832..1a111fbd 100644 --- a/.github/ojobs/getVersions.yaml +++ b/.github/ojobs/getVersions.yaml @@ -36,6 +36,8 @@ jobs: .sh(["docker", "run", "--rm", "nmaguiar/imgutils:" + args.tag, "/bin/sh", "-c", `helm version | /openaf/oafp path=Version`]) .sh(["docker", "run", "--rm", "nmaguiar/imgutils:" + args.tag, "/bin/sh", "-c", `skopeo -v | /openaf/oafp path="split(@, ' ')[2]"`]) .sh(["docker", "run", "--rm", "nmaguiar/imgutils:" + args.tag, "/bin/sh", "-c", `crictl -v | /openaf/oafp path="split(@, ' ')[2]"`]) + .sh(["docker", "run", "--rm", "nmaguiar/imgutils:" + args.tag, "/bin/sh", "-c", `ctr -v | /openaf/oafp path="replace(split(@, ' ')[2],'v','','')"`]) + .sh(["docker", "run", "--rm", "nmaguiar/imgutils:" + args.tag, "/bin/sh", "-c", `nerdctl -v | /openaf/oafp path="split(@,' ')[2]"`]) .sh(["docker", "run", "--rm", "nmaguiar/imgutils:" + args.tag, "/bin/sh", "-c", `dive -v | /openaf/oafp path="split(@,' ').split([1],'-')[0]"`]) .sh(["docker", "run", "--rm", "nmaguiar/imgutils:" + args.tag, "/bin/sh", "-c", `TERM=UTF-8 mc -V | /openaf/oafp in=lines linesjoin=true path="split([0], ' ')[3]"`]) .getJson() diff --git a/Dockerfile b/Dockerfile index d84674ef..ddd47ed6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -18,11 +18,13 @@ FROM openaf/oaf as main #COPY --from=dive /dive /usr/bin/dive -COPY README.md /README.md +#COPY README.md /README.md USER root +# Setup all tools +# --------------- RUN apk update\ - && apk --no-cache add docker-cli skopeo curl tar bash gzip mc\ + && apk --no-cache add docker-cli skopeo curl tar bash gzip mc containerd-ctr nerdctl bash-completion\ && /openaf/ojob ojob.io/kube/getCriCtl path=/usr/bin\ && /openaf/ojob ojob.io/kube/getHelm path=/usr/bin\ && /openaf/opack install DockerRegistry\ @@ -30,9 +32,14 @@ RUN apk update\ && /openaf/opack install BouncyCastle\ && /openaf/opack install oafproc\ && mkdir /openaf/ojobs\ - && /openaf/ojob ojob.io/get job=ojob.io/docker/expand.yaml > /openaf/ojobs/expand.yaml\ - && /openaf/ojob ojob.io/get job=ojob.io/docker/collapse.yaml > /openaf/ojobs/collapse.yaml\ + && /openaf/ojob ojob.io/get job=ojob.io/docker/expand.yaml > /openaf/ojobs/imgExpand.yaml\ + && /openaf/ojob ojob.io/get job=ojob.io/docker/collapse.yaml > /openaf/ojobs/imgCollapse.yaml\ && /openaf/ojob ojob.io/get job=ojob.io/docker/listHubRepo.yaml > /openaf/ojobs/listHubRepo.yaml\ + && /openaf/ojob ojob.io/get job=ojob.io/oaf/colorFormats.yaml > /openaf/ojobs/colorFormats.yaml\ + && /openaf/oaf --sb /openaf/ojobs/imgExpand.yaml\ + && /openaf/oaf --sb /openaf/ojobs/imgCollapse.yaml\ + && /openaf/oaf --sb /openaf/ojobs/listHubRepo.yaml\ + && /openaf/oaf --sb /openaf/ojobs/colorFormats.yaml\ && chown -R openaf:0 /openaf\ && chown openaf:0 /openaf/.opack.db\ && chmod -R u+rwx,g+rwx,o+rx,o-w /openaf/*\ @@ -41,8 +48,26 @@ RUN apk update\ && sudo chmod g+w /openaf/.opack.db\ && chmod a+x /usr/bin/crictl\ && chmod a+x /usr/bin/helm\ - && rm /lib/apk/db/* + && cp /usr/bin/ctr /tmp/ctr\ + && apk del containerd-ctr\ + && mv /tmp/ctr /usr/bin/ctr\ + && cp /usr/bin/nerdctl /tmp/nerdctl\ + && apk del nerdctl\ + && mv /tmp/nerdctl /usr/bin/nerdctl\ + && rm /lib/apk/db/*\ + && sed -i "s/\/bin\/sh/\/bin\/bash/g" /etc/passwd +# Setup bash completion +# --------------------- +RUN echo "source <(crictl completion bash)" >> /etc/bash/start.sh\ + && echo "source <(helm completion bash)" >> /etc/bash/start.sh\ + && echo "source <(docker completion bash)" >> /etc/bash/start.sh\ + && echo "source <(skopeo completion bash)" >> /etc/bash/start.sh\ + && curl -s https://ojob.io/autoComplete.sh -o /etc/.openaf-ojobio-complete\ + && echo "source /etc/.openaf-ojobio-complete" >> /etc/bash/start.sh + +# Setup Dive +# ---------- RUN cd /tmp\ && skopeo copy docker://wagoodman/dive docker-archive:dive.tar\ && /openaf/ojob ojob.io/docker/expand image=dive.tar output=output\ @@ -50,13 +75,50 @@ RUN cd /tmp\ && rm -rf output\ && rm dive.tar +# Setup imgutils folder +# --------------------- +RUN mkdir /imgutils\ + && chmod a+rwx /imgutils\ + && chown openaf:0 /imgutils + +# Setup welcome message and vars +# ------------------------------ +COPY welcome.txt /etc/imgutils +RUN gzip /etc/imgutils\ + && echo "zcat /etc/imgutils.gz" >> /etc/bash/start.sh\ + && echo "/status" >> /etc/bash/start.sh\ + && echo "echo ''" >> /etc/bash/start.sh\ + && echo "export CONTAINER_RUNTIME_ENDPOINT=unix:///run/containerd/containerd.sock" >> /etc/bash/start.sh\ + && echo "export IMAGE_SERVICE_ENDPOINT=unix:///run/containerd/containerd.sock" >> /etc/bash/start.sh\ + && echo "alias oafptab='oafp in=lines linesvisual=true linesjoin=true out=ctable'" >> /etc/bash/start.sh\ + && echo "alias oaf-light-theme='colorFormats.yaml op=set theme=thin-light-bold'" >> /etc/bash/start.sh\ + && echo "alias oaf-dark-theme='colorFormats.yaml op=set theme=thin-intense-bold'" >> /etc/bash/start.sh\ + && echo "alias help='source /etc/bash/start.sh'" >> /etc/bash/start.sh\ + && cp /etc/bash/start.sh /etc/profile.d/start.sh + +# Setup usage and examples +# ------------------------ +COPY USAGE.md /USAGE.md +COPY EXAMPLES.md /EXAMPLES.md +COPY status.sh /status +RUN gzip /USAGE.md\ + && gzip /EXAMPLES.md\ + && echo "#!/bin/sh" > /usr/bin/usage-help\ + && echo "zcat /USAGE.md.gz | oafp in=md mdtemplate=true | less -r" >> /usr/bin/usage-help\ + && echo "#!/bin/sh" > /usr/bin/examples-help\ + && echo "zcat /EXAMPLES.md.gz | oafp in=md mdtemplate=true | less -r" > /usr/bin/examples-help\ + && chmod a+x /usr/bin/usage-help\ + && chmod a+x /usr/bin/examples-help\ + && chmod a+x /status + # ------------------- FROM scratch as final COPY --from=main / / ENV OAF_HOME=/openaf -ENV PATH=$PATH:$OAF_HOME +ENV PATH=$PATH:$OAF_HOME:$OAF_HOME/ojobs USER openaf -WORKDIR /openaf \ No newline at end of file +WORKDIR /imgutils +CMD ["/usr/bin/usage-help"] \ No newline at end of file diff --git a/EXAMPLES.md b/EXAMPLES.md new file mode 100644 index 00000000..d7bee36c --- /dev/null +++ b/EXAMPLES.md @@ -0,0 +1,369 @@ +# Examples + +List of examples: + +| Category | Example title | +|----------|---------------| +| Registry | Copying images and charts between registries | +| Registry | Copying images and charts from a file to a registry | +| Registry | Checking available repositories on a docker private registry | +| Docker | Accessing the Docker daemon | +| Docker | Using the host docker authentication | +| Kubernetes | Accessing Kubernetes container runtime | +| Kubernetes | Checking the images 'cached' on the current Kubernetes node | +| Kubernetse | Loop the cpu, memory and storage metrics of each container on the current Kubernetes node | +| Images | Checking images content | +| Images | Changing files on an existing image | + +> To search for a specific example type '/Checking images content' and use the arrow keys to navigate + +## Copying images and charts between registries + +1. Execute: + +```bash + +# With just docker +docker run --name imgutils --rm -ti nmaguiar/imgutils sudo /bin/bash + +# With just kubectl +kubectl run imgutils --rm -ti --image=nmaguiar/imgutils -- sudo /bin/bash + +``` + +2. To copy from registry A to registry B, start by login into A and B: + +```bash + +skopeo login a.registry -u userA --password-stdin +[enter password for user A] +[hit Ctrl-D] + +skopeo login b.registry -u userB --password-stdin +[enter password for user B] +[hit Ctrl-D] + +``` + +3. Copy the image or helm chart between registry A and registry B: + +```bash + +skopeo copy --all docker://a.registry/some/image:1.2.3 docker://b.registry/some/image:1.2.3 + +skopeo copy --all docker://a.registry/some/chart:1.2.3 docker://b.registry/some/chart:1.2.3 + +``` + +4. Exit image: + +```bash + +exit + +``` + +--- + +## Copying images and charts from a file to a registry + +1. Execute: + +```bash + +# With just docker +docker run --name imgutils --rm -ti nmaguiar/imgutils sudo /bin/bash + +# With just kubectl +kubectl run imgutils --rm -ti --image=nmaguiar/imgutils -- sudo /bin/bash + +``` + +2. Copy the images and charts to the running image + +```bash + +# With just docker +docker cp myImageOrChart.tgz imgutils:/tmp/myImageOrChart.tgz + +# With just kubectl +kubectl cp myImageOrChart.tgz imgutils:/tmp/myImageOrChart.tgz + +``` + +3. Login into the target registry + +```bash + +skopeo login b.registry -u userB --password-stdin +[enter password for user B] +[hit Ctrl-D] + +helm registry login b.registry -u userB --password-stdin +[enter password for user B] +[hit Ctrl-D] + +``` + +4. Copy the image to the target registry + +```bash + +skopeo copy --all docker-archive:/tmp/myImage.tgz docker://b.registry/some/image-or-chart:1.2.3 + +``` + +or copy the chart to the target registry + +```bash + +helm push /tmp/myChart.tgz oci://some/chart + +``` + +5. Exit image: + +```bash + +exit + +``` + +--- + +## Accessing the Docker daemon + +With docker you can execute directly: + +```bash + +docker run --rm -ti -v /var/run/docker.sock:/var/run/docker.sock nmaguiar/imgutils sudo /bin/bash + +``` + +Then you can execute commands like: + +```bash + +$ docker images +[...] +$ docker ps +[...] +$ docker rmi some/image +[...] + +``` + +To exit just execute: + +```bash + +exit + +``` + +--- + +## Accessing Kubernetes container runtime + +### AWS EKS with crictl + +To use crictl on a specific node (change from "server-0" to the specific node you want): + +```bash + +NODENAME=ec2-server-0 NAME=imgutils HPATH=/run/containerd/containerd.sock /bin/sh -c 'kubectl run -n kube-system $NAME --rm -ti --image=nmaguiar/imgutils --overrides="{\"apiVersion\":\"v1\",\"spec\":{\"nodeName\":\"$NODENAME\",\"containers\":[{\"name\":\"$NAME\",\"image\":\"nmaguiar/imgutils\",\"stdin\":true,\"stdinOnce\":true,\"tty\":true,\"args\":[\"sudo\",\"-E\",\"/bin/bash\"],\"env\":[{\"name\":\"CONTAINER_RUNTIME_ENDPOINT\",\"value\":\"unix:///run/containerd/containerd.sock\"}],\"volumeMounts\":[{\"name\":\"cri\",\"mountPath\":\"/run/containerd/containerd.sock\"}]}],\"volumes\":[{\"name\":\"cri\",\"hostPath\":{\"path\":\"$HPATH\"}}]}}" -- sudo -E /bin/bash' + +``` + +Then you can execute commands like: + +```bash + +$ crictl images +[...] +$ crictl ps +[...] +$ crictl rmi docker.io/some/image:latest +[...] + +``` + +To exit just execute: + +```bash + +exit + +``` + +### K3S with crictl + +To use crictl on a specific node (change from "k3s-server-0" to the specific node you want): + +```bash + +NODENAME=k3s-server-0 NAME=imgutils HPATH=/run/k3s/containerd/containerd.sock /bin/sh -c 'kubectl run -n kube-system $NAME --rm -ti --image=nmaguiar/imgutils --overrides="{\"apiVersion\":\"v1\",\"spec\":{\"nodeName\":\"$NODENAME\",\"containers\":[{\"name\":\"$NAME\",\"image\":\"nmaguiar/imgutils\",\"stdin\":true,\"stdinOnce\":true,\"tty\":true,\"args\":[\"sudo\",\"-E\",\"/bin/bash\"],\"env\":[{\"name\":\"CONTAINER_RUNTIME_ENDPOINT\",\"value\":\"unix:///run/containerd/containerd.sock\"}],\"volumeMounts\":[{\"name\":\"cri\",\"mountPath\":\"/run/containerd/containerd.sock\"}]}],\"volumes\":[{\"name\":\"cri\",\"hostPath\":{\"path\":\"$HPATH\"}}]}}" -- sudo -E /bin/bash' + +``` + +Then you can execute commands like: + +```bash + +$ crictl images +[...] +$ crictl ps +[...] +$ crictl rmi docker.io/some/image:latest +[...] + +``` + +To exit just execute: + +```bash + +exit + +``` + +### OpenShift with crictl + +To use crictl on a specific OpenShift node (change from "server-0" to the specific node you want): + +```bash + +NODENAME=server-0 NAME=imgutils HPATH=/var/run/crio/crio.sock /bin/sh -c './kubectl run -n kube-system $NAME --rm -ti --image=nmaguiar/imgutils --overrides="{\"apiVersion\":\"v1\",\"spec\":{\"nodeName\":\"$NODENAME\",\"containers\":[{\"name\":\"$NAME\",\"image\":\"nmaguiar/imgutils\",\"securityContext\":{\"privileged\":true},\"stdin\":true,\"stdinOnce\":true,\"tty\":true,\"args\":[\"sudo\",\"-E\",\"/bin/bash\"],\"env\":[{\"name\":\"CONTAINER_RUNTIME_ENDPOINT\",\"value\":\"unix:///run/crio/crio.sock\"}],\"volumeMounts\":[{\"name\":\"cri\",\"mountPath\":\"/run/crio/crio.sock\"}]}],\"volumes\":[{\"name\":\"cri\",\"hostPath\":{\"path\":\"$HPATH\"}}]}}" -- sudo -E /bin/bash' + +``` + +Then you can execute commands like: + +```bash + +$ crictl images +[...] +$ crictl ps +[...] +$ crictl rmi docker.io/some/image:latest +[...] + +``` + +To exit just execute: + +```bash + +exit + +``` + +--- + +## Checking images content + +To check images use the following commands within the imgutils/nmaguiar: + +```bash + +$ dive docker.io/some/image:latest +[...] +$ docker image save some/image:latest > image.tar +[...] +$ imgExpand.yaml image=image.tar output=output json=image.json +# Check the output for the entrypoint and other information about the image +$ cd output +$ mc +# then use the midnight-commander UI to check the contents + +``` + +--- + +## Changing files on an existing image + +To create a new image with changes to files on an existing image: + +```bash + +$ skopeo copy docker-daemon:my-image:latest docker-archive:my-image.tar +# Expand the image with the corresponding layers (if you don't choose it you will save an image with one layer only after changing) +$ imgExpand.yaml image=my-image.tar output=my-image json=my-image.json usetar=true layers=true +# Make the changes you need on the files of the folder my-image and then get back to the original folder +# ... +$ imgCollapse.yaml image=my-image.tar input=my-image json=my-image.json usetar=true +# Copy the new changed image +$ skopeo copy docker-archive:my-image.tar docker-daemon:my-image:v2 +# Test your changed image +$ docker run --rm -ti my-image:v2 + +``` + +--- + +## Using the host docker authentication + +To start imgutils/nmaguiar with the local host docker authentication: + +```bash + +docker run --rm -ti -v /var/run/docker.sock:/var/run/docker.sock -v $HOME:/work nmaguiar/imgutils /bin/sh -c "mkdir /home/openaf/.docker && sudo cp /work/.docker/config.json /home/openaf/.docker/. && sudo chmod a+r /home/openaf/.docker/*&& /bin/bash" + +``` + +--- + +## Checking available repositories on a docker private registry + +Not all private container registries allow the listing of their repositories. But if they do you can try: + +```bash + +oafp libs=dockerregistry in=registryrepos inregistryurl=http://registry:5000 data="()" + +``` + +> Check for more options with 'oafp libs=dockerregistry help=dockerregistry' + +--- + +## Checking the images 'cached' on the current Kubernetes node + +If you are currently running on a Kubernetes node (following the deploy instructions in 'usage-help') you can list the 'cached' images on it by executing: + +```bash + +crictl images | oafptab sql="select * order by IMAGE,TAG" + +``` + +You can additionally force pulling an image: + +```bash + +crictl pull my-registry/my/image:1.2.3 + +``` + +Or even delete an unused image: + +```bash + +crictl rmi 6b963af3240f2 + +``` + +> Use the IMAGE ID field value + +--- + +## Loop the cpu, memory and storage metrics of each container on the current Kubernetes node + +If you are currently running on a Kubernetes node (following the deploy instructions in 'usage-help') you can obtain each containers' metrics: + +```bash + +oafp cmd="crictl stats -o json" path="stats[].{ns:attributes.labels.\"io.kubernetes.pod.namespace\",pod:attributes.labels.\"io.kubernetes.pod.name\",name:attributes.metadata.name,cpuUsageCores:cpu.usageNanoCores.value,memWorkSet:memory.workingSetBytes.value,memAvail:memory.availableBytes.value,memUsage:memory.usageBytes.value,memRss:memory.rssBytes.value,memPageFault:memory.pageFaults.value,memMajorPageFaults:memory.majorPageFaults.value,ephUsed:writableLayer.usedBytes.value,ephInodes:writableLayer.inodesUsed.value}" from="sort(ns,pod,name)" out=ctable loop=2 loopcls=true + +``` \ No newline at end of file diff --git a/README.md b/README.md index eff91d43..b89d3913 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,8 @@ Alpine based image ("nmaguiar/imgutils") with: * helm * docker-cli * crictl +* ctr +* nerdctl * dive (https://github.com/wagoodman/dive) * openaf (with DockerRegistry, Kube, oafp) * mc (Midnight Commander) @@ -29,7 +31,7 @@ This should be enough tools to be able to manage images on a Kubernetes cluster ## Guides * [Copying images and charts between registries](#copying-images-and-charts-between-registries) -* [Copying images and charts from file to a registry](#copying-images-and-charts-from-file-to-a-registry) +* [Copying images and charts from a file to a registry](#copying-images-and-charts-from-a-file-to-a-registry) * [Accessing the Docker daemon](#accessing-the-docker-daemon) * [Accessing Kubernetes container runtime](#accessing-kubernetes-container-runtime) * [Checking images content](#checking-images-content) @@ -52,17 +54,17 @@ docker run --rm -ti -v /var/run/docker.sock:/var/run/docker.sock nmaguiar/imguti ##### For AWS EKS ```bash -NODENAME=ec2-server-0 NAME=imgutils HPATH=/run/containerd/containerd.sock /bin/sh -c 'kubectl run -n kube-system $NAME --rm -ti --image=nmaguiar/imgutils --overrides="{\"apiVersion\":\"v1\",\"spec\":{\"nodeName\":\"$NODENAME\",\"containers\":[{\"name\":\"$NAME\",\"image\":\"nmaguiar/imgutils\",\"stdin\":true,\"stdinOnce\":true,\"tty\":true,\"args\":[\"sudo\",\"-E\",\"/bin/bash\"],\"env\":[{\"name\":\"CONTAINER_RUNTIME_ENDPOINT\",\"value\":\"unix:///run/containerd/containerd.sock\"}],\"volumeMounts\":[{\"name\":\"cri\",\"mountPath\":\"/run/containerd/containerd.sock\"}]}],\"volumes\":[{\"name\":\"cri\",\"hostPath\":{\"path\":\"$HPATH\"}}]}}" -- sudo -E /bin/bash' +NODENAME=ec2-server-0 NAME=imgutils HPATH=/run/containerd/containerd.sock /bin/sh -c 'kubectl run -n kube-system $NAME --rm -ti --image=nmaguiar/imgutils --overrides="{\"apiVersion\":\"v1\",\"spec\":{\"nodeName\":\"$NODENAME\",\"containers\":[{\"name\":\"$NAME\",\"image\":\"nmaguiar/imgutils\",\"stdin\":true,\"stdinOnce\":true,\"tty\":true,\"args\":[\"sudo\",\"-E\",\"/bin/bash\"],\"env\":[{\"name\":\"CONTAINER_RUNTIME_ENDPOINT\",\"value\":\"unix:///run/containerd/containerd.sock\"}],\"volumeMounts\":[{\"name\":\"cri\",\"mountPath\":\"/run/containerd/containerd.sock\"}]}],\"volumes\":[{\"name\":\"cri\",\"hostPath\":{\"path\":\"$HPATH\"}}]}}" -- sudo -E /bin/bash' ``` ##### For K3S/K3D ```bash -NODENAME=k3s-server-0 NAME=imgutils HPATH=/run/k3s/containerd/containerd.sock /bin/sh -c 'kubectl run -n kube-system $NAME --rm -ti --image=nmaguiar/imgutils --overrides="{\"apiVersion\":\"v1\",\"spec\":{\"nodeName\":\"$NODENAME\",\"containers\":[{\"name\":\"$NAME\",\"image\":\"nmaguiar/imgutils\",\"stdin\":true,\"stdinOnce\":true,\"tty\":true,\"args\":[\"sudo\",\"-E\",\"/bin/bash\"],\"env\":[{\"name\":\"CONTAINER_RUNTIME_ENDPOINT\",\"value\":\"unix:///run/containerd/containerd.sock\"}],\"volumeMounts\":[{\"name\":\"cri\",\"mountPath\":\"/run/containerd/containerd.sock\"}]}],\"volumes\":[{\"name\":\"cri\",\"hostPath\":{\"path\":\"$HPATH\"}}]}}" -- sudo -E /bin/bash' +NODENAME=k3s-server-0 NAME=imgutils HPATH=/run/k3s/containerd/containerd.sock /bin/sh -c 'kubectl run -n kube-system $NAME --rm -ti --image=nmaguiar/imgutils --overrides="{\"apiVersion\":\"v1\",\"spec\":{\"nodeName\":\"$NODENAME\",\"containers\":[{\"name\":\"$NAME\",\"image\":\"nmaguiar/imgutils\",\"stdin\":true,\"stdinOnce\":true,\"tty\":true,\"args\":[\"sudo\",\"-E\",\"/bin/bash\"],\"env\":[{\"name\":\"CONTAINER_RUNTIME_ENDPOINT\",\"value\":\"unix:///run/containerd/containerd.sock\"}],\"volumeMounts\":[{\"name\":\"cri\",\"mountPath\":\"/run/containerd/containerd.sock\"}]}],\"volumes\":[{\"name\":\"cri\",\"hostPath\":{\"path\":\"$HPATH\"}}]}}" -- sudo -E /bin/bash' ``` ##### For OpenShift ```bash -NODENAME=server-0 NAME=imgutils HPATH=/var/run/crio/crio.sock /bin/sh -c './kubectl run -n kube-system $NAME --rm -ti --image=nmaguiar/imgutils --overrides="{\"apiVersion\":\"v1\",\"spec\":{\"nodeName\":\"$NODENAME\",\"containers\":[{\"name\":\"$NAME\",\"image\":\"nmaguiar/imgutils\",\"securityContext\":{\"privileged\":true},\"stdin\":true,\"stdinOnce\":true,\"tty\":true,\"args\":[\"sudo\",\"-E\",\"/bin/bash\"],\"env\":[{\"name\":\"CONTAINER_RUNTIME_ENDPOINT\",\"value\":\"unix:///run/crio/crio.sock\"}],\"volumeMounts\":[{\"name\":\"cri\",\"mountPath\":\"/run/crio/crio.sock\"}]}],\"volumes\":[{\"name\":\"cri\",\"hostPath\":{\"path\":\"$HPATH\"}}]}}" -- sudo -E /bin/bash' +NODENAME=server-0 NAME=imgutils HPATH=/var/run/crio/crio.sock /bin/sh -c './kubectl run -n kube-system $NAME --rm -ti --image=nmaguiar/imgutils --overrides="{\"apiVersion\":\"v1\",\"spec\":{\"nodeName\":\"$NODENAME\",\"containers\":[{\"name\":\"$NAME\",\"image\":\"nmaguiar/imgutils\",\"securityContext\":{\"privileged\":true},\"stdin\":true,\"stdinOnce\":true,\"tty\":true,\"args\":[\"sudo\",\"-E\",\"/bin/bash\"],\"env\":[{\"name\":\"CONTAINER_RUNTIME_ENDPOINT\",\"value\":\"unix:///run/crio/crio.sock\"}],\"volumeMounts\":[{\"name\":\"cri\",\"mountPath\":\"/run/crio/crio.sock\"}]}],\"volumes\":[{\"name\":\"cri\",\"hostPath\":{\"path\":\"$HPATH\"}}]}}" -- sudo -E /bin/bash' ``` ### nmaguiar/imgutils:lite @@ -127,7 +129,7 @@ skopeo copy --all docker://a.registry/some/chart:1.2.3 docker://b.registry/some/ exit ``` -### Copying images and charts from file to a registry +### Copying images and charts from a file to a registry 1. Execute: @@ -304,3 +306,9 @@ To start imgutils/nmaguiar with the local host docker authentication: ```bash docker run --rm -ti -v /var/run/docker.sock:/var/run/docker.sock -v $HOME:/work nmaguiar/imgutils /bin/sh -c "mkdir /home/openaf/.docker && sudo cp /work/.docker/config.json /home/openaf/.docker/. && sudo chmod a+r /home/openaf/.docker/*&& /bin/bash" ``` + +--- + +📚 See more documentation in https://github.com/nmaguiar/imgutils + +--- diff --git a/USAGE.md b/USAGE.md new file mode 100644 index 00000000..b4443e39 --- /dev/null +++ b/USAGE.md @@ -0,0 +1,65 @@ +# ImgUtils usage + +Welcome to the ImgUtils image. Check the deployment options available and the list of available tools (in the end). + +--- + +## 🐳 Deploy using docker + +{{{$acolor 'FAINT,ITALIC' 'docker run --rm -ti -v /var/run/docker.sock:/var/run/docker.sock nmaguiar/imgutils sudo /bin/bash'}}} + +--- + +## 🤓 Deploy using nerdctl + +{{{$acolor 'FAINT,ITALIC' 'nerdctl run --rm -ti -v /run/k3s/containerd/containerd.sock:/run/containerd/containerd.sock nmaguiar/imgutils:build sudo /bin/bash'}}} + +--- + +## ⚙️ Deploy using kubectl + +First check the nodes' names with 'kubectl get nodes' + +### For AWS EKS + +{{{$acolor 'FAINT,ITALIC' 'NODENAME=ec2-server-0 NAME=imgutils HPATH=/run/containerd/containerd.sock /bin/sh -c \'kubectl run -n kube-system $NAME --rm -ti --image=nmaguiar/imgutils --overrides="{\"apiVersion\":\"v1\",\"spec\":{\"nodeName\":\"$NODENAME\",\"containers\":[{\"name\":\"$NAME\",\"image\":\"nmaguiar/imgutils\",\"stdin\":true,\"stdinOnce\":true,\"tty\":true,\"args\":[\"sudo\",\"/bin/bash\"],\"env\":[{\"name\":\"CONTAINER_RUNTIME_ENDPOINT\",\"value\":\"unix:///run/containerd/containerd.sock\"}],\"volumeMounts\":[{\"name\":\"cri\",\"mountPath\":\"/run/containerd/containerd.sock\"}]}],\"volumes\":[{\"name\":\"cri\",\"hostPath\":{\"path\":\"$HPATH\"}}]}}" -- sudo /bin/bash\''}}} + +### For K3S/K3D + +{{{$acolor 'FAINT,ITALIC' 'NODENAME=k3s-server-0 NAME=imgutils HPATH=/run/k3s/containerd/containerd.sock /bin/sh -c \'kubectl run -n kube-system $NAME --rm -ti --image=nmaguiar/imgutils --overrides="{\"apiVersion\":\"v1\",\"spec\":{\"nodeName\":\"$NODENAME\",\"containers\":[{\"name\":\"$NAME\",\"image\":\"nmaguiar/imgutils\",\"stdin\":true,\"stdinOnce\":true,\"tty\":true,\"args\":[\"sudo\",\"/bin/bash\"],\"env\":[{\"name\":\"CONTAINER_RUNTIME_ENDPOINT\",\"value\":\"unix:///run/containerd/containerd.sock\"}],\"volumeMounts\":[{\"name\":\"cri\",\"mountPath\":\"/run/containerd/containerd.sock\"}]}],\"volumes\":[{\"name\":\"cri\",\"hostPath\":{\"path\":\"$HPATH\"}}]}}" -- sudo /bin/bash\''}}} + +### For OpenShift + +{{{$acolor 'FAINT,ITALIC' 'NODENAME=server-0 NAME=imgutils HPATH=/var/run/crio/crio.sock /bin/sh -c \'./kubectl run -n kube-system $NAME --rm -ti --image=nmaguiar/imgutils --overrides="{\"apiVersion\":\"v1\",\"spec\":{\"nodeName\":\"$NODENAME\",\"containers\":[{\"name\":\"$NAME\",\"image\":\"nmaguiar/imgutils\",\"securityContext\":{\"privileged\":true},\"stdin\":true,\"stdinOnce\":true,\"tty\":true,\"args\":[\"sudo\",\"/bin/bash\"],\"env\":[{\"name\":\"CONTAINER_RUNTIME_ENDPOINT\",\"value\":\"unix:///run/crio/crio.sock\"}],\"volumeMounts\":[{\"name\":\"cri\",\"mountPath\":\"/run/crio/crio.sock\"}]}],\"volumes\":[{\"name\":\"cri\",\"hostPath\":{\"path\":\"$HPATH\"}}]}}" -- sudo /bin/bash\''}}} + +--- + +## 🛠️ Utils available in this image + +| Utility | Use for | +|---------|-------------| +| skopeo | Copy from/to container registries, archive files and from/to docker daemon | +| helm | The most popular Kubernetes package manager (for use to pull/push charts) | +| docker | Docker client to interact with a docker daemon (see above 'Deploy using docker') | +| crictl | Client to interact with containerd/cri-o with Kubernetes (see above 'Deploy using kubectl') | +| ctr | Containerd low-level client tool | +| nerdctl | Containerd high-level client tool (see above 'Deploy using nerdctl' and/or 'Deploy using kubectl') | +| dive | A tool for exploring each layer in a docker image | +| mc | Midnight Commander visual file manager | +| openaf | A "swiss-army knife" devops tool & runtime | +| imgExpand.yaml | Expands a docker container archive file, layer by layer, into an output folder (uses OpenAF's oJob) | +| imgCollapse.yaml | Collapse a previously expanded docker container archive file, layer by layer, into an output image file (uses OpenAF's oJob) | +| listHubRepo.yaml | Check when was the last pull and push, on docker hub, for a specific image (uses OpenAF's oJob) | + +--- + +## 🔧 Other commands and aliases + +| Type | Executable | Description | +|------|------------|-------------| +| Alias | help | Shows the image version and main instructions and presence of connectivity to container runtimes | +| Alias | oaf-light-theme | Sets the openaf/oafp command output them to a light screen theme | +| Alias | oaf-dark-theme | Sets the openaf/oafp command output them to a dark screen theme | +| Alias | oafptab | Parses the stdin input ascii table (e.g. crictl images) into an ascii table with oafp query functionality | +| Command | usage-help | Displays the image's usage help | +| Command | examples-help | Displays the image's examples help | diff --git a/status.sh b/status.sh new file mode 100644 index 00000000..b288f2c7 --- /dev/null +++ b/status.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +RED='\033[0;31m' +YELLOW='\033[1;33m' +GREEN='\033[0;32m' +NC='\033[0m' +FAINT='\033[2m' + +docker_sock="${YELLOW}not present${NC}${FAINT}" +crio_sock="${YELLOW}not present${NC}${FAINT}" +containerd_sock="${YELLOW}not present${NC}${FAINT}" + +[ -S /var/run/docker.sock ] && docker_sock="${GREEN}present${NC}${FAINT}" +[ -S /run/crio/crio.sock ] && crio_sock="${GREEN}present${NC}${FAINT}" +[ -S /run/containerd/containerd.sock ] && containerd_sock="${GREEN}present${NC}${FAINT}" + +echo -e " ${FAINT}connections: (docker: $docker_sock, crictl: ( cri-o: $crio_sock , containerd: $containerd_sock ))${NC}" \ No newline at end of file diff --git a/welcome.txt b/welcome.txt new file mode 100644 index 00000000..ca9d158c --- /dev/null +++ b/welcome.txt @@ -0,0 +1,9 @@ + o | o| + .,-.-.,---.. .|--- .| ,---. + || | || || || || `---. + `` ' '`---|`---'`---'``---'`---' + `---' (v0.1.0) + + For image deploy usage type & execute 'usage-help' + For examples of usage type & execute 'examples-help' +