It’s quite easy to pull images via docker down to your local developer
machine. But sometimes you need to get images onto servers which have no access
to the World Wide Web (WWW) nor to an internal docker registry. In this article
I show you how to use docker save and docker load to get the required images
onto those servers.
Setup test environment
First of all we’re going to make sure, that no root-shell or sudo is required to
run docker. If you know what you’re doing or don’t want to change your local
setup, you can safely skip this section and go on with the next
one, but maybe not all commands will work as
expected. Please, add your local user to the docker-group.
# Add user to group
gpasswd -a <user> docker
After that, either logout/login or update your current group to docker with the
following command. This command will start a new shell with the docker group
being your primary group. So this one is only a temporary “change of group” local
to that shell.
# Start shell with new primary group
newgrp docker
Please, check if your groups have been updated. The output you get should be similar to the following.
# Check groups
id
# => uid=1002(test1) gid=142(docker) groups=142(docker),1006(test1)
Pull Image
Now pull the image you need at your isolated remote system, down to your local machine. This assumes, that your machine has unlimited access to the WWW.
-
- Pro-Tip
-
If you’re using “Arch Linux” and need to use a proxy, create a file named
/etc/docker/proxy.conf. Addhttps_proxy=https://<proxy>:<port>andhttp_proxy=http://<proxy>:<port>to this file. Now copy/usr/lib/systemd/system/docker.serviceto/etc/systemd/system/docker.serviceand addEnvironmentFile=/etc/docker/proxy.confto the.service-file. After that runsudo systemctl daemon-reloadandsudo systemctl restart docker.
If you’re behind a proxy, make sure, that “docker” works in such an environment and can pull the image.
# Pull docker image
docker pull feduxorg/centos
Export image
After that, export the downloaded image to a tar.gz-file. It’s important to
use docker save here, because this also exports the metadata like the CMD,
ENTRYPOINT and ENV. Even the name of the image “feduxorg/centos” is
exported.
# Save image
docker save -o image.tar.gz feduxorg/centos
Transfer image to destination
If this has finished, transfer the image to the isolated system. I’m going
to use scp (SSH) for this. You may need to use a different tool depending on
your environment – or even a USB-stick, an SD-card or a DVD.
# Uplodate image to "host"
scp image.tar.gz <host>:~/
Import image
After that, login to your remote system and import the image there. Please
make sure, that your user is also member of the docker-group on the remote
system. You can re-use the commands used earlier on your local workstation.
# Login to remote system
ssh <host>
# Import image
docker load -i image.tar.gz
Conclusion
That’s it. Easy, isn’t it? I regularly forget about save and use export
instead. The same happens with load and import. But export and import
don’t work with meta data which is something I always want to be exported/imported.
After using export/import the CMD and ENTRYPOINT of your image are gone. So this
article is a reminder for you and me to prevent frustration. Hope this helps
you as well.
Thanks for reading!