| ▲ | selcuka 4 days ago |
| You mean ssh'ing into the remote server, then pulling image from local? That would require your local host to be accessible from the remote host, or setting up some kind of ssh tunneling. |
|
| ▲ | mdaniel 4 days ago | parent | next [-] |
| `ssh -R` and `ssh -L` are amazing, and I just learned that -L and -R both support unix sockets on either end and also unix socket to tcp socket https://manpages.ubuntu.com/manpages/noble/man1/ssh.1.html#:... I would presume it's something akin to $(ssh -L /var/run/docker.sock:/tmp/d.sock sh -c 'docker -H unix:///tmp/d.sock save | docker load') type deal |
|
| ▲ | matt_kantor 3 days ago | parent | prev [-] |
| This is what docker-pushmi-pullyu[1] does, using `ssh -R` as suggested by a sibling comment. [1]: https://github.com/mkantor/docker-pushmi-pullyu |
| |
| ▲ | psviderski 3 days ago | parent | next [-] | | The problem with running a registry locally is that Docker doesn't provide an API to get individual image layers to be able to build a registry API on top. You have to hook into the containerd Docker uses under the hood. You can't do this locally in many cases, for example, on macOS the VM running Docker Desktop doesn't expose the containerd socket.
I guess the workaround you implemented in docker-pushmi-pullyu is an extra copy to the registry which is a bummer. | | |
| ▲ | matt_kantor 2 days ago | parent [-] | | Yeah, a few years ago I remember looking into whether I could expose image layers from the engine as a volume to mount directly into the registry, but at least at the time it seemed complex, and when I write tools like this simplicity is a primary goal. As a mitigation docker-pushmi-pullyu caches pushed layers between runs[1]. More often than not I'm only changing upper layers of previously-pushed images, so this helps a lot. Also, since everything happens locally the push phase is typically quite fast even with cache misses (especially on an SSD), especially compared to the pull phase which is usually going over the internet (or another network). [1]: https://github.com/mkantor/docker-pushmi-pullyu/pull/19/file... |
| |
| ▲ | remram 3 days ago | parent | prev [-] | | That's also what the submitted tool does, I want to do the same thing just in the reverse direction. I just don't want to start extra containers on the prod machine. | | |
| ▲ | selcuka 3 days ago | parent [-] | | No, the second one (docker-pushmi-pullyu) runs the registry on the build host. | | |
| ▲ | remram 3 days ago | parent [-] | | I meant to reply to you, whoops. docker-pushmi-pullyu does an extra copy from build host to a registry, so it is just the standard workflow. I think Spegel does what I want (= serve images from the local cache as a registry), I might be able to build from that. It is meant to be integrated with Kubernetes though, making a simple transfer tool probably requires some adaptation. |
|
|
|