Python源码示例:docker.DockerClient()
示例1
def getBridgeGateway():
"""
Look up the gateway IP address for the docker bridge network.
This is the docker0 IP address; it is the IP address of the host from the
chute's perspective.
"""
client = docker.DockerClient(base_url="unix://var/run/docker.sock", version='auto')
network = client.networks.get("bridge")
for config in network.attrs['IPAM']['Config']:
if 'Gateway' in config:
return config['Gateway']
# Fall back to a default if we could not find it. This address will work
# in most places unless Docker changes to use a different address.
out.warn('Could not find bridge gateway, using default')
return '172.17.0.1'
示例2
def _setResourceAllocation(allocation):
client = docker.DockerClient(base_url="unix://var/run/docker.sock", version='auto')
for container_name, resources in six.iteritems(allocation):
out.info("Update chute {} set cpu_shares={}\n".format(
container_name, resources['cpu_shares']))
container = client.containers.get(container_name)
container.update(cpu_shares=resources['cpu_shares'])
# Using class id 1:1 for prioritized, 1:3 for best effort.
# Prioritization is implemented in confd/qos.py. Class-ID is
# represented in hexadecimal.
# Reference: https://www.kernel.org/doc/Documentation/cgroup-v1/net_cls.txt
if resources.get('prioritize_traffic', False):
classid = "0x10001"
else:
classid = "0x10003"
container = ChuteContainer(container_name)
try:
container_id = container.getID()
fname = "/sys/fs/cgroup/net_cls/docker/{}/net_cls.classid".format(container_id)
with open(fname, "w") as output:
output.write(classid)
except Exception as error:
out.warn("Error setting traffic class: {}\n".format(error))
示例3
def __init__(self):
""" Connnects to the docker daemon"""
# will be used as the tag on the docker image
self.problem_name = sanitize_name(self.name)
# use an explicit remote docker daemon per the configuration
try:
tls_config = docker.tls.TLSConfig(
ca_cert=self.docker_ca_cert,
client_cert=(self.docker_client_cert, self.docker_client_key),
verify=True)
self.client = docker.DockerClient(base_url=self.docker_host, tls=tls_config)
self.api_client = docker.APIClient(base_url=self.docker_host, tls=tls_config)
logger.debug("Connecting to docker daemon with config")
# Docker options not set in configuration so use the environment to
# configure (could be local or remote)
except AttributeError:
logger.debug("Connecting to docker daemon with env")
self.client = docker.from_env()
# throws an exception if the server returns an error: docker.errors.APIError
self.client.ping()
示例4
def connect(self, params={}):
client_cert = (
helper.key_to_file(params.get('client_cert').get('secretKey')),
helper.key_to_file(params.get('client_key').get('secretKey'))
)
ca_cert = helper.key_to_file(params.get('ca_cert').get('secretKey'))
tls_config = docker.tls.TLSConfig(
client_cert=client_cert,
ca_cert=ca_cert
)
base_url = params.get('url')
try:
self.logger.info("Connect: Connecting to {}".format(base_url))
self.docker_client = docker.DockerClient(
base_url=base_url,
tls=tls_config,
version=params.get('api_version')
)
except docker.errors.DockerException:
raise
else:
self.logger.info("Connect: Connected to {} successfully.".format(base_url))
示例5
def get_docker_client(base_url=None, retry_read=config.DOCKER_MAX_READ_RETRIES,
retry_status_forcelist=(500,)):
client_key = (retry_read, retry_status_forcelist)
if client_key not in _DOCKER_CLIENTS:
client = docker.DockerClient(base_url=base_url or config.DOCKER_URL,
timeout=config.DOCKER_TIMEOUT)
retries = Retry(total=config.DOCKER_MAX_TOTAL_RETRIES,
connect=config.DOCKER_MAX_CONNECT_RETRIES,
read=retry_read,
method_whitelist=False,
status_forcelist=retry_status_forcelist,
backoff_factor=config.DOCKER_BACKOFF_FACTOR,
raise_on_status=False)
http_adapter = HTTPAdapter(max_retries=retries)
client.api.mount('http://', http_adapter)
_DOCKER_CLIENTS[client_key] = client
return _DOCKER_CLIENTS[client_key]
示例6
def _UpdateNode(self, leader, node_id, node_role, labels={}):
""" 更新节点信息(Labels、Role等) """
client = docker.DockerClient(base_url="tcp://{}:{}".format(leader, self.port), version="auto", timeout=self.timeout)
node_spec = {
'Availability': 'active',
'Role': node_role,
'Labels': labels
}
logger.info("Update node spec data is {} for node_id {})".format(node_spec, node_id))
try:
node = client.nodes.get(node_id)
res = node.update(node_spec)
except docker.errors.APIError,e:
logger.error(e, exc_info=True)
return False
示例7
def create_client():
"""
Create a client to either a Docker instance.
"""
kwargs = {
"base_url": os.environ.get("DOCKER_HOST"),
"timeout": 15, # wait a bit, but give up before 30s Heroku request timeout
}
if os.environ.get("DOCKER_TLS_VERIFY"):
kwargs["tls"] = TLSConfig(
client_cert=(
env_to_file("DOCKER_CLIENT_CERT"),
env_to_file("DOCKER_CLIENT_KEY"),
),
ca_cert=env_to_file("DOCKER_CA_CERT"),
verify=True,
)
return docker.DockerClient(**kwargs)
示例8
def __init__(self, docker_config: DockerHostConfig, mock_client=None) -> None:
self.name = docker_config.name
self.docker_config = docker_config
if not docker_config.tls:
tls = None
else:
tls = docker.tls.TLSConfig(client_cert=(docker_config.tls_cert, docker_config.tls_key), verify=docker_config.tls_ca)
# Simplify testing
if mock_client is not None:
self.cli = mock_client
return
try:
self.cli = docker.DockerClient(base_url=docker_config.address, version="auto", tls=tls)
except docker.errors.DockerException as e:
raise ZoeException("Cannot connect to Docker host {} at address {}: {}".format(docker_config.name, docker_config.address, str(e)))
示例9
def create_docker_client():
# In order to build and push to the minishift registry, it's required that
# users have configured their shell to use the minishift docker daemon
# instead of a local daemon:
# https://docs.openshift.org/latest/minishift/using/docker-daemon.html
if is_minishift():
cert_path = os.environ.get('DOCKER_CERT_PATH')
docker_host = os.environ.get('DOCKER_HOST')
if docker_host is None or cert_path is None:
raise Exception("Attempting to target minishift, but missing required \
env vars. Try running: \"eval $(minishift docker-env)\"")
client_cert = os.path.join(cert_path, 'cert.pem')
client_key = os.path.join(cert_path, 'key.pem')
ca_cert = os.path.join(cert_path, 'ca.pem')
tls = docker.tls.TLSConfig(
ca_cert=ca_cert,
client_cert=(client_cert, client_key),
verify=True,
assert_hostname=False
)
client = docker.DockerClient(tls=tls, base_url=docker_host, version='auto')
else:
client = docker.DockerClient(base_url='unix://var/run/docker.sock', version='auto')
return client
示例10
def create_docker_client(docker_host: str = '', check=True) -> docker.DockerClient:
"""
Context manager for DockerClient creation
:param docker_host: DOCKER_HOST arg for DockerClient
:param check: check if docker is available
:return: DockerClient instance
"""
with _docker_host_lock:
os.environ["DOCKER_HOST"] = docker_host # The env var DOCKER_HOST is used to configure docker.from_env()
client = docker.from_env()
if check and not _is_docker_running(client):
raise RuntimeError("Docker daemon is unavailable")
try:
yield client
finally:
client.close()
示例11
def __init__(self, master_host, slave_hosts,
local_mount_dir, docker_mount_dir):
# see PyDoc for all_internal_hosts() for an explanation on the
# difference between an internal and regular host
self.internal_master = master_host
self.internal_slaves = slave_hosts
self._master = master_host + '-' + str(uuid.uuid4())
self.slaves = [slave + '-' + str(uuid.uuid4())
for slave in slave_hosts]
# the root path for all local mount points; to get a particular
# container mount point call get_local_mount_dir()
self.local_mount_dir = local_mount_dir
self._mount_dir = docker_mount_dir
kwargs = kwargs_from_env()
if 'tls' in kwargs:
kwargs['tls'].assert_hostname = False
kwargs['timeout'] = 300
self.client = DockerClient(**kwargs)
self._user = 'root'
self._network_name = 'presto-admin-test-' + str(uuid.uuid4())
DockerCluster.__check_if_docker_exists()
示例12
def __init__(self, context, spec, build_status=None, docker_version='auto'):
self.context = context
self.spec = spec
self.repo_name = context.repository.split('/')[-1]
self.commit_hash = context.source['commit']['hash']
self.build_status = build_status or BuildStatus(
bitbucket,
context.source['repository']['full_name'],
self.commit_hash,
'badwolf/test',
url_for('log.build_log', sha=self.commit_hash, _external=True)
)
self.docker = DockerClient(
base_url=current_app.config['DOCKER_HOST'],
timeout=current_app.config['DOCKER_API_TIMEOUT'],
version=docker_version,
)
示例13
def _pull_predefined_dockerimages(self):
"""
If the package contains URLs to pre-build Docker images, we download them with this method.
"""
dc = DockerClient()
for url in self.remote_docker_image_urls.itervalues():
# only pull if not present (speedup for development)
if not FORCE_PULL:
if len(dc.images.list(name=url)) > 0:
LOG.debug("Image %r present. Skipping pull." % url)
continue
LOG.info("Pulling image: %r" % url)
# this seems to fail with latest docker api version 2.0.2
# dc.images.pull(url,
# insecure_registry=True)
# using docker cli instead
cmd = ["docker",
"pull",
url,
]
Popen(cmd).wait()
示例14
def initiate_remote_docker_connection(self, docker_server_url):
"""
Docker allows remote access to its API in a number of ways.
This function takes in a parameter of a server url and attempts to establish a docker connection
For example 'ssh://admin:pass@192.168.1.0'
:param docker_server_url:
:return: void
"""
try:
self.client = docker.DockerClient(base_url=docker_server_url)
self.api_client = docker.APIClient(base_url=docker_server_url)
LOG.debug("The DockerClient version is {}".format(self.client.version()['Version']))
self.client.ping()
except ConnectionError:
LOG.error('Error connecting to docker')
raise ValueError("Could not setup Docker connection, is docker running ?")
示例15
def check_docker(self):
logger.info(f"testing docker API on {DOCKER_SOCKET}…")
if (
not DOCKER_SOCKET.exists()
or not DOCKER_SOCKET.is_socket()
or not os.access(DOCKER_SOCKET, os.R_OK)
):
logger.critical(f"\tsocket ({DOCKER_SOCKET}) not available.")
sys.exit(1)
self.docker = docker.DockerClient(
base_url=f"unix://{DOCKER_SOCKET}", timeout=DOCKER_CLIENT_TIMEOUT
)
try:
if len(self.docker.containers.list(all=False)) < 1:
logger.warning("\tno running container, am I out-of-docker?")
except Exception as exc:
logger.critical("\tdocker API access failed: exiting.")
logger.exception(exc)
sys.exit(1)
else:
logger.info("\tdocker API access successful")
示例16
def check_image(update, service):
"""
Check if image exists.
"""
image_name = service.get_image_name()
client = docker.DockerClient(base_url="unix://var/run/docker.sock",
version='auto')
# Raises an exception if the image does not exist.
client.images.get(image_name)
示例17
def remove_image(update, service):
"""
Remove a Docker image.
"""
client = docker.APIClient(base_url="unix://var/run/docker.sock", version='auto')
image_name = service.get_image_name()
out.info("Removing image {}\n".format(image_name))
try:
client = docker.DockerClient(base_url="unix://var/run/docker.sock",
version='auto')
client.images.remove(image=image_name)
except Exception as error:
out.warn("Error removing image: {}".format(error))
示例18
def create_bridge(update):
"""
Create a user-defined bridge network for the chute.
"""
client = docker.DockerClient(base_url="unix://var/run/docker.sock", version='auto')
client.networks.create(update.new.name, driver="bridge")
示例19
def remove_bridge(update):
"""
Remove the bridge network associated with the chute.
"""
client = docker.DockerClient(base_url="unix://var/run/docker.sock", version='auto')
try:
network = client.networks.get(update.new.name)
network.remove()
except docker.errors.NotFound:
pass
示例20
def start_container(update, service):
"""
Start running a service in a new container.
"""
client = docker.DockerClient(base_url="unix://var/run/docker.sock", version='auto')
container_name = service.get_container_name()
image_name = service.get_image_name()
out.info("Attempting to start container {} from image {}\n".format(
container_name, image_name))
host_config = build_host_config(update, service)
# TODO
# Set environment variables for the new container.
# PARADROP_ROUTER_ID can be used to change application behavior based on
# what router it is running on.
environment = prepare_environment(update, service)
try:
container = client.containers.run(detach=True, image=image_name,
name=container_name, environment=environment, **host_config)
out.info("Successfully started chute with Id: %s\n" % (str(container.id)))
except Exception as e:
raise e
try:
network = client.networks.get(update.new.name)
network.connect(container_name, aliases=[service.name])
except docker.errors.NotFound:
out.warn("Bridge network {} not found; connectivity between containers is limited.".format(update.new.name))
示例21
def stopChute(update):
"""
Stop a docker container based on the passed in update.
:param update: The update object containing information about the chute.
:type update: obj
:returns: None
"""
out.info('Attempting to stop chute %s\n' % (update.name))
c = docker.DockerClient(base_url='unix://var/run/docker.sock', version='auto')
container = c.containers.get(update.name)
container.stop()
示例22
def restartChute(update):
"""
Start a docker container based on the passed in update.
:param update: The update object containing information about the chute.
:type update: obj
:returns: None
"""
out.info('Attempting to restart chute %s\n' % (update.name))
c = docker.DockerClient(base_url='unix://var/run/docker.sock', version='auto')
container = c.containers.get(update.name)
container.start()
示例23
def call_in_netns(service, env, command, onerror="raise", pid=None):
"""
Call command within a service's namespace.
command: should be a list of strings.
onerror: should be "raise" or "ignore"
"""
container_name = service.get_container_name()
if pid is None:
# We need the chute's PID in order to work with Linux namespaces.
container = ChuteContainer(container_name)
pid = container.getPID()
# Try first with `nsenter`. This is preferred because it works using
# commands in the host. We cannot be sure the `docker exec` version will
# work with all chute images.
cmd = ['nsenter', '--target', str(pid), '--net', '--no-fork'] + command
try:
code = call_retry(cmd, env, tries=1)
except:
code = -1
# We fall back to `docker exec` which relies on the container image having
# an `ip` command available to configure interfaces from within.
if code != 0:
out.warn("nsenter command failed, resorting to docker exec\n")
try:
client = docker.DockerClient(base_url="unix://var/run/docker.sock", version='auto')
container = client.containers.get(container_name)
container.exec_run(command, user='root')
except Exception:
if onerror == "raise":
raise
示例24
def monitor_logs(service_name, container_name, queue, tail=200):
"""
Iterate over log messages from a container and add them to the queue
for consumption. This function will block and wait for new messages
from the container. Use the queue to interface with async code.
tail: number of lines to retrieve from log history; the string "all"
is also valid, but highly discouraged for performance reasons.
"""
client = docker.DockerClient(base_url="unix://var/run/docker.sock", version='auto')
container = client.containers.get(container_name)
output = container.logs(stdout=True, stderr=True,
stream=True, timestamps=True, follow=True,
tail=tail)
for line in output:
# I have grown to distrust Docker streaming functions. It may
# return a string; it may return an object. If it is a string,
# separate the timestamp portion from the rest of the message.
if isinstance(line, six.string_types):
parts = line.split(" ", 1)
if len(parts) > 1:
queue.put({
'service': service_name,
'timestamp': parts[0],
'message': parts[1].rstrip()
})
else:
queue.put({
'service': service_name,
'message': line.rstrip()
})
elif isinstance(line, dict):
line['service'] = service_name
queue.put(line)
示例25
def get_clients():
"""
Get a high level and a low level docker client connection,
Ensures that only one global docker client exists per thread. If the client
does not exist a new one is created and returned.
"""
global __client, __api_client
if not __client or not __api_client:
try:
conf = current_app.config
# use an explicit remote docker daemon per the configuration
opts = ["DOCKER_HOST", "DOCKER_CA", "DOCKER_CLIENT", "DOCKER_KEY"]
if all([o in conf for o in opts]):
host, ca, client, key = [conf[o] for o in opts]
log.debug("Connecting to docker daemon with config")
tls_config = docker.tls.TLSConfig(ca_cert=ca, client_cert=(client, key), verify=True)
__api_client = docker.APIClient(base_url=host, tls=tls_config)
__client = docker.DockerClient(base_url=host, tls=tls_config)
# Docker options not set in configuration so attempt to use unix socket
else:
log.debug("Connecting to docker daemon on local unix socket")
__api_client = docker.APIClient(base_url="unix:///var/run/docker.sock")
__client = docker.DockerClient(base_url="unix:///var/run/docker.sock")
# ensure a responsive connection
__client.ping()
except docker.errors.APIError as e:
log.debug("Could not connect to docker daemon:" + e)
raise PicoException(
"On Demand backend unavailible. Please contact an admin."
)
return __client, __api_client
示例26
def get_docker_client():
client = docker.DockerClient(base_url='unix://var/run/docker.sock')
return client
示例27
def __init_clients(self):
for regex, docker_hosts, max_running in self.docker_hosts:
client_list = []
clients = (regex, client_list)
self.clients_per_regex.append(clients)
self.max_running[regex] = max_running
for address in docker_hosts:
host, port = address.split(":")
docker_client = docker.DockerClient(base_url=address)
self.clients[address] = (host, int(port), docker_client)
client_list.append((host, int(port), docker_client))
示例28
def connect(self):
if self.config.docker_tls:
try:
cert_paths = {
'cert_top_dir': '/etc/docker/certs.d/',
'clean_socket': self.socket.split('//')[1]
}
cert_paths['cert_dir'] = join(cert_paths['cert_top_dir'], cert_paths['clean_socket'])
cert_paths['cert_files'] = {
'client_cert': join(cert_paths['cert_dir'], 'client.cert'),
'client_key': join(cert_paths['cert_dir'], 'client.key'),
'ca_crt': join(cert_paths['cert_dir'], 'ca.crt')
}
if not isdir(cert_paths['cert_dir']):
self.logger.error('%s is not a valid cert folder', cert_paths['cert_dir'])
raise ValueError
for cert_file in cert_paths['cert_files'].values():
if not isfile(cert_file):
self.logger.error('%s does not exist', cert_file)
raise ValueError
tls_config = tls.TLSConfig(
ca_cert=cert_paths['cert_files']['ca_crt'],
verify=cert_paths['cert_files']['ca_crt'] if self.config.docker_tls_verify else False,
client_cert=(cert_paths['cert_files']['client_cert'], cert_paths['cert_files']['client_key'])
)
client = DockerClient(base_url=self.socket, tls=tls_config)
except ValueError:
self.logger.error('Invalid Docker TLS config for %s, reverting to unsecured', self.socket)
client = DockerClient(base_url=self.socket)
else:
client = DockerClient(base_url=self.socket)
return client
示例29
def get_docker_client():
if is_docker_available():
import docker
client = docker.DockerClient(base_url='unix://var/run/docker.sock')
return client
else:
raise Exception("Docker not available")
示例30
def get_docker_client(docker_base_url=None, docker_port='2375'):
"""Get a Docker Py client.
docker.get_env does not work,
because we do not specify the port in our DOCKER_HOST env variable.
"""
docker_base_url = \
docker_base_url or '{0}:{1}'.format(
os.getenv('DOCKER_HOST'), docker_port)
return docker.DockerClient(base_url=docker_base_url, version='auto')
