一、什么是API
1. API具体是什么?
API这个词在维基百科里解释是这样的:应用程序接口(英语application programming interface,缩写作 API),又称为应用编程接口,就是软件系统不同组成部分衔接的约定。
简单理解就是,我们不同的安卓和系统的手机就要用不同的数据线充电,类似的,程序的接口也是如此。每个程序都有固定对外的标准接口,这个接口由开发这个程序的开发者定义的,你要想连接它们,那么就应该遵循它们的接口标准
2. 什么是REST
现在学习API 经常看到一个词叫REST,英文全称是Representational State Transfer,中文意思叫"表现层状态转化"
2.1. 什么是表现层?
表现层指的是资源的表现层,所谓"资源",就是网络上的一个具体信息。一个文本,一部电影,一个服务都可以算作一资源表现层的意思其实就是把"资源"具体呈现出来的形式。比如,我们可以通过一个URL连接下载视频,图片等!
2.2. 什么是状态转化?
简单理解就是对资源增删改查
GET、POST、PUT、DELETE(获取,新建,更新,删除)通过这基本的四种方法可以对网络上的资源进行一些状态转化操作
二、Docker API种类
- Docker Registry API (docker镜像仓库的api)
- Docker Hub API (Docker Hub API是用户管理操作的API)
- Docker Remote API (用于控制主机 Docker 服务端的 API)
Docker Remote API
Docker Remote API是由docker守护进程提供的,默认情况下,docker守护进程绑定到一个宿主机的嵌套字里,即unix:///var/run/run/docker.sock
Remote API 的基本操作
编辑/usr/lib/system/system/docker.service 文件,把 Docker 守护进程绑定到该宿主机的所有网络接口的 2375 端口上
ExecStart=/usr/bin/docker-current -d --selinu-enabled -H tcp://0.0.0.0:2375
# systemctl --system daemon-reload
通过 Docker 客户端命令的-H 标志来测试一下刚才的配置是否生效
# docker daemon -H unix:///var/run/docker.sock -H 0.0.0.0:2375
WARN[0000] /!\ DON'T BIND ON ANY IP ADDRESS WITHOUT setting
-tlsverify IF YOU DON'T KNOW WHAT YOU'RE DOING /!\
WARN[0000] devmapper: Usage of loopback devices is strongly discouraged for
production use. Please use `--storage-opt dm.thinpooldev` or use `man docker` to refer
to dm.thinpooldev section.
WARN[0000] devmapper: Base device already exists and has filesystem xfs on it.
User specified filesystem will be ignored.
INFO[0000] [graphdriver] using prior storage driver "devicemapper"
INFO[0000] Graph migration to content-addressability took 0.00 seconds
INFO[0000] Firewalld running: false
INFO[0000] Default bridge (docker0)is assigned with an IP address
172.17.0.0/16. Daemon option --bip can be used to set a preferred IP address
INFO[0000] Loading containers: start.
.
INFO[0000] Loading containers: done.
INFO[0000] Daemon has completed initialization
INFO[0000] Docker daemon
commit=3999ccb-unsupported execdriver=native-0.2 graphdriver=devicemapper
version=1.10.3
INFO[0001] API listen on [::]:2375
INFO[0001] API listen on /var/run/docker.sock
# docker -H 127.0.0.1:2375 info
Containers: 1
Running: 1
Paused: 0
Stopped: 0
Images: 22
Server Version: 1.10.3
Storage Driver: devicemapper
Pool Name: docker-253:1-285241608-pool
Pool Blocksize: 65.54 kB
Base Device Size: 10.74 GB
Backing Filesystem: xfs
Data file: /dev/loop0
Metadata file: /dev/loop1
Data Space Used: 5.105 GB
Data Space Total: 107.4 GB
Data Space Available: 90.75 GB
Metadata Space Used: 10.23 MB
Metadata Space Total: 2.147 GB
Metadata Space Available: 2.137 GB
Udev Sync Supported: true
Deferred Removal Enabled: false
Deferred Deletion Enabled: false
Deferred Deleted Device Count: 0
Data loop file: /var/lib/docker/devicemapper/devicemapper/data
WARNING: Usage of loopback devices is strongly discouraged for production
use. Either use `--storage-opt dm.thinpooldev` or use `--storage-opt
dm.no_warn_on_loop_devices=true` to suppress this warning.
Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
Library Version: 1.02.135-RHEL7 (2016-09-28)
Execution Driver: native-0.2
Logging Driver: json-file
Plugins:
Volume: local
Network: host bridge null
Kernel Version: 3.10.0-229.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
Number of Docker Hooks: 2
CPUs: 1
Total Memory: 1.954 GiB
Name: docker
ID:
HRBL:3YXE:HAAO:MRAG:NKQO:MZWC:7EVD:Q2QK:UYK6:C7NF:GOYU:ELS
R
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
Registries: docker.io (secure)
docker_host 环境变量,这样即省掉了每次都需要设置-H 标志的麻烦
# export DOCKER_HOST="tcp://127.0.0.1:2375"
测试 Docker Remote API
通过 Docker 程序建立并确认了与 Docker 守护进程之间的网络连通
性,接着来直接连接到 API
[root@docker ~]# curl http://127.0.0.1:2375/info
{"ID":"HRBL:3YXE:HAAO:MRAG:NKQO:MZWC:7EVD:Q2QK:UYK6:C7NF:GOYU:EL
SR","Containers":1,"ContainersRunning":1,"ContainersPaused":0,"ContainersStopped":0,"Images":
22,"Driver":"devicemapper","DriverStatus":[["Pool
Name","docker-253:1-285241608-pool"],["Pool Blocksize","65.54 kB"],["Base Device
Size","10.74 GB"],["Backing Filesystem","xfs"],["Data file","/dev/loop0"],["Metadata
file","/dev/loop1"],["Data Space Used","5.106 GB"],["Data Space Total","107.4 GB"],["Data Space
Available","90.75 GB"],["Metadata Space Used","10.23 MB"],["Metadata Space Total","2.147
GB"],["Metadata Space Available","2.137 GB"],["Udev Sync Supported","true"],["Deferred
Removal Enabled","false"],["Deferred Deletion Enabled","false"],["Deferred Deleted Device
Count","0"],["Data loop file","/var/lib/docker/devicemapper/devicemapper/data"],["Metadata loop
file","/var/lib/docker/devicemapper/devicemapper/metadata"],["Library Version","1.02.135-RHEL7
(2016-09-28)
"]],"SystemStatus":null,"Plugins":{"Volume":["local"],"Network":["host","bridge","null"],"Authori
zation":null},"MemoryLimit":true,"SwapLimit":true,"CpuCfsPeriod":true,"CpuCfsQuota":true,"CP
UShares":true,"CPUSet":true,"IPv4Forwarding":true,"BridgeNfIptables":false,"BridgeNfIp6tables"
:false,"Debug":false,"NFd":21,"OomKillDisable":true,"NGoroutines":28,"SystemTime":"2016-12-3
0T03:24:27.654171066Z","ExecutionDriver":"native-0.2","LoggingDriver":"json-file","NEventsLis
tener":0,"KernelVersion":"3.10.0-229.el7.x86_64","PkgVersion":"docker-common-1.10.3-59.el7.Ce
ntOS.x86_64","OperatingSystem":"CentOS Linux 7 (Core)
","OSType":"linux","Architecture":"x86_64","IndexServerAddress":"https://index.docker.io/v1/","I
ndexServerName":"docker.io","RegistryConfig":{"InsecureRegistryCIDRs":["127.0.0.0/8"],"Index
Configs":{"docker.io":{"Name":"docker.io","Mirrors":null,"Secure":true,"Official":true}},"Mirrors
":null},"InitSha1":"2195bfa7012bb8ffc50f899b658b487b565336e1","InitPath":"","NCPU":1,"Mem
Total":2098581504,"DockerRootDir":"/var/lib/docker","HttpProxy":"","HttpsProxy":"","NoProxy":
"","Name":"docker","Labels":null,"ExperimentalBuild":false,"ServerVersion":"1.10.3","ClusterStor
e":"","ClusterAdvertise":"","Registries":[{"Name":"docker.io","Secure":true}]}
通过 API 来管理 Docker 镜像。
获取 Docker 守护进程中所有进程中所有镜像的列表
# curl http://127.0.0.1:2375/images/json | python -m json.tool
% Total % Received % Xferd Average Speed Time Time Time
Current
Dload Upload Total Spent Left
Speed
100 6781 0 6781 0 0 245k 0 --:--:-- --:--:-- --:--:-- 254k
[
{
"Created": 1482998541,
"Id":
"sha256:0c27604c726690da5f7368af31765903bbf196b8e5808c876a2abd25b681a17f",
"Labels": null,
"ParentId": "",
"RepoDigests": null,
"RepoTags": [
"odoo:latest"
],
"Size": 0,
"VirtualSize": 0
},
{
"Created": 1482966589,
"Id":
"sha256:411afb6272fbf5258c421ca5dd10bf212cddb40d78ac3962114b67bb78cc7c62",
"Labels": {},
"ParentId": "",
"RepoDigests": [
"docker.io/python@sha256:05d7f756d1980a83ca7419109334a6df47824e02eae93996c3d201
f96baf7cf3"
],
"RepoTags": [
"docker.io/python:latest"
],
"Size": 687122335,
"VirtualSize": 687122335
},
这里使用了/images/json 这个接入点,它将返回 Docker 守护进程中的所有镜
像的列表。
最后,也像命令行一样,也可以在 docker hub 上查找镜像。
# curl http://192.168.200.22:2375/images/search?term="jamtur01" | python
-mjson.tool
% Total % Received % Xferd Average Speed Time Time
Time Current
Dload Upload Total Spent
Left Speed
100 4387 0 4387 0 0 1023 0 --:--:-- 0:00:04 --:--:--
1023
[
{
"description": "",
"index_name": "docker.io",
"is_automated": true,
"is_official": false,
"is_trusted": true,
"name": "jamtur01/docker-presentation",
"registry_name": "docker.io",
"star_count": 5
},
{
"description": "",
"index_name": "docker.io",
"is_automated": false,
"is_official": false,
"is_trusted": false,
"name": "jamtur01/dockerjenkins",
"registry_name": "docker.io",
"star_count": 3
}
通过 API 管理 Docker 容器
Docker Remote API 同样也可以使用/container 参数列出所有正在的容器
# curl -s "http://127.0.0.1:2375/containers/json" | python -m json.tool
[
{
"Command": "/entrypoint.sh /etc/docker/registry/config.yml",
"Created": 1483003943,
"HostConfig": {
"NetworkMode": "default"
},
"Id":
"09dda7fe410ba278db18ca1c0aade605083ac6151ce6e005527304f7cc3c5331",
"Image": "docker.io/registry:latest",
"ImageID":
"sha256:c9bd19d022f6613fa0e3d73b2fe2b2cffe19ed629a426db9a652b597fccf07d4",
"Labels": {},
"Names": [
"/registry"
],
"NetworkSettings": {
"Networks": {
"bridge": {
"Aliases": null,
"EndpointID":
"98594476f7c321b1301ea67aadbadbe412a6d44e49e3d6fb5ee152ba12eaab7f",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAMConfig": null,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"Links": null,
"MacAddress": "02:42:ac:11:00:02",
"NetworkID": ""
}
}
},
"Ports": [
{
"IP": "0.0.0.0",
"PrivatePort": 5000,
"PublicPort": 5000,
"Type": "tcp"
}
],
"Status": "Up 53 minutes"
} ]
使用 POST 请求来调用/containers/create 接入点来创建容器
# curl -X POST -H "Content-Type: application/json"
http://127.0.0.1:2375/containers/create -d '{"image":"docker.io/python"}'
{"Id":"e7f1abb491ebfb1bb71b81ec9cb0eb5f72e7d4ce03bcaa5b491565c663ff1929",
"Warnings":null}