During many customer discussions on PaaS, the same question does come up:
“Can I use my own Docker images in OpenShift?”
While the simple answer obviously is:
“Well, sure! OpenShift makes use of Docker und Kubernetes“
Making it work, is a little bit more complex – until one finally understands it.
In this blog I will give you a transcript of how I proceeded to make an image, created for my IoT-Demo, available in OpenShift V3 in a few simple steps.
… this was done with lots of help from Michal Fojtik. Michal, thanks a lot!!!
The image which I want to us is on a different system, which is in no way connected to my OpenShift environment. Therefor saving the image into a file is the first thing to do:
[psteiner@demo ~]# docker save <name_of_image> > export.tar
After copying the tarbal to the OpenShift Master, you can load it into the local Docker repository
[root@master ~]# docker load < export.tar
Before we continue, lets login to our OpenShift V3
[root@master ~]# oc login Username: psteiner
At this point we can also login to our OpenShift registry. To do so, first we need to get the token for our user
[root@master ~]# oc whoami -t QSbfzkT3yPaScbxRodIGa5bNYvUsqfvA6VNdh1tGtFU
and use the token for the login to the registry
[root@master ~]# docker login -u psteiner -e firstname.lastname@example.org -p QSbfzkT3yPaScbxRodIGa5bNYvUsqfvA6VNdh1tGtFU 172.30.80.73:5000 WARNING: login credentials saved in /root/.dockercfg. Login Succeeded
The IP-Address at the end of the command is for our OpenShift registry and port.
For the image to be able to be pushed to the registry, there needs to be OpenShift project. The name of this project will be used as a namespace during the following steps.
[root@master ~]# oc new-project iotdemo
Now we need to put a Tag to our local image, giving it the name for later usage.
[root@master Downloads]# docker tag iotcontroller 172.30.80.73:5000/iotdemo/iotcontrollerreceiver
The last step is the push itself – we are nearly there!
[root@master Downloads]# docker push 172.30.80.73:5000/iotdemo/iotcontrollerreceiver The push refers to a repository [172.30.80.73:5000/iotdemo/iotcontrollerreceiver] (len: 1) def452b4ada4: Image already exists f108b4ea3dbd: Image successfully pushed 47d44cb6f252: Image successfully pushed Digest: sha256:ed928660aa37aa1fb576c7edc78ca055df87a940a99d9ac2123005a5a2697862
This procedure does not only push the image to the OpenShift registry, but also creates an ImageStream, which you can later reference in your templates, etc.
Running the following command will verify this
[root@master Downloads]# oc get is NAME DOCKER REPO TAGS UPDATED iotcontrollerreceiver 172.30.80.73:5000/iotdemo/iotcontrollerreceiver latest 52 seconds ago
Step 8 ( optional )
If your Docker image is build in a way that use use the “USER” command and rely on the image to be run in that user-context, you will have to relax the security to allow that. There is a nice, simple section in the documentation, explaining how to!
Now you are ready to use the image and the ImageStream.
5 replies on “Importing an external and not yet published Docker Image into Red Hat OpenShift V3”
What’s wrong with oc import-image , that will import the image metadata from docker hub?
Or if the image is not on dockerhub, but you have a Dockerfile, why not build it with OpenShift that will provide you with the image in your OpenShift’s registry and will create the ImageStream?
your options are very valid ones as well and worth being written about! I wanted to learn how to follow this “load”/”safe” approach to start with.
I was not able to use S2I from a Dockerfile, as my images do contain product, like JBoss Fuse or JBoss BPMS, for which we do not have the appropriate base images. That’s also the reason why I didn’t want them to be on dockerhub.
Another approach would have been to make a “docker push” from my system to another, which is probably going to be covered in a future blog entry.
Even if your images contains products, you have a Dockerfile, a docker context in a Git repository.
The best option for this should be to build your images inside OpenShift.
The problem I see with your past is that it sends a confusing message, as it seems that’s not easy to bring/build any docker image into OpenShift unless you do all those steps, which is not true.
The problem I see is that you don’t use OpenShift for building, but rather your host machine.
This could be rewritten to “import an already built and unpublished image”.
Also I think some of your steps are not needed, since you can docker push from your host, does not need to be from the master node.
Feel free to ask for help if needed.
[…] my previous post I described how to manually export/import a Docker image from one system into the Docker […]
[…] should have followed my previous postings ( thanks for that!! ), then you should have read my blog IMPORTING AN EXTERNAL AND NOT YET PUBLISHED DOCKER IMAGE INTO RED HAT OPENSHIFT V3, in which I have explained how to manually carry a Docker image from a non OpenShift build-server […]