Our customer uses internal network. We have k8s application, some yaml files need to download image from internet. I have a win10 computer and I could ssh internal server and access internet. How to download image and then upload to internal server?
Some image download site would be:
chenliujin/defaultbackend (nginx-default-backend.yaml)
quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.15.0How to download image and then upload to internal server?
The shortest path to success is
ssh the-machine-with-internet -- 'bash -ec \
"docker pull quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.15.0 ; \
docker save quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.15.0"' \
| ssh the-machine-without-internet -- 'docker load'You'll actually need to repeat that ssh machine-without-internet -- docker load bit for every Node in the cluster, otherwise they'll attempt to pull the image when they don't find it already in docker images, which brings us to ...
You are also free to actually cache the intermediate file, if you wish, as in:
ssh machine-with-internet -- 'bash -ec \
"docker pull quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.15.0 ; \
docker save -o /some/directory/nginx-ingress-0.15.0.tar quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.15.0"'
scp machine-with-internet /some/directory/nginx-ingress-0.15.0.tar /some/other/place
# and so forth, including only optionally running the first pull-and-save stepIt is entirely possible to use an initContainer: in the PodSpec to implement any kind of pre-loading of docker images before the main Pod's containers attempt to start, but that's likely going to clutter your PodSpec unless it's pretty small and straightforward.
Having said all of that, as @KonstantinVustin already correctly said: having a local docker repository for mirroring the content will save you a ton of heartache
The best way - deploy local mirror for Docker repositories. For example, it could be Artifactory by JFrog