In this post, we’ll see how to make Docker images available to servers that don’t have access to the Internet (i.e., machines where
docker pull <image_name>
does not work).
As a specific example, we will do this with the latest Percona Monitoring and Management Docker images, since we had requests for this from users and customers. With the following steps, you’ll be able to deploy PMM within your secure network, without access to the Internet. Additionally, the same steps can be used when you need to upgrade the containers’ version in future releases.
There are two ways in which we can do this:
- the easy way, by using
docker save
anddocker load
, or - the not-so-easy way, by setting up our own registry
We’ll focus on the first option since the latter is a bit more convoluted. If you need your own registry, you are probably looking into something else rather than simply avoiding a firewall to pull one image to a server. Check out the Docker online docs in case option two fits your needs better.
As of this writing, 1.1.3 is the latest PMM version, so this is what we’ll use in the example. An image name is comprised of three parts, namely:
user_account/
(note the ‘/’ at the end); or empty string (and no ‘/’) for the official Docker repoimage_name
:tag
(note the ‘:’ at the beginning)
The PMM Docker images have the following syntax: percona/pmm-server:1.1.3
, but you can change this in the following examples to whatever image name you want, and it will work just the same. Before moving on to the commands needed, let’s imagine that serverA is the machine that has access to the Internet and serverB is the machine behind the firewall.
The steps are simple enough. On serverA, get the image, and save it to a file:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
serverA> docker pull percona/pmm-server:1.1.3 1.1.3: Pulling from percona/pmm-server 45a2e645736c: Pull complete 7a3c6f252004: Pull complete 2cc1d8878ff1: Pull complete 6c49ea4e9955: Pull complete bc4630d3a194: Pull complete 75f0952c00bd: Pull complete 79d583a1689c: Pull complete 5a820193ac79: Pull complete 927a0614b164: Pull complete Digest: sha256:5310b23066d00be418a7522c957b2da4155a63c3e7b08663327aef075674bc2e Status: Downloaded newer image for percona/pmm-server:1.1.3 serverA> docker save percona/pmm-server:1.1.3 > ~/pmm-server_1.1.3.tar |
Now, all you need to do is move the generated tar file to serverB (by using “scp” or any other means), and execute the following:
1 2 3 4 5 |
serverB> docker load < ~/pmm-server_1.1.3.tar serverB> docker images REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE percona/pmm-server 1.1.3 acc9af2459a4 3 weeks ago 1.146 GB |
Now you’ll be able to use the image as if you had used docker pull percona/pmm-server:1.1.3
:
1 2 3 4 5 6 7 8 9 10 11 12 13 |
serverB> docker create ... percona/pmm-server:1.1.3 /bin/true 301a9e89ee95886f497482038aa6601d6cb2e21c0532e1077fa44213ef597f38 serverB> docker run -d ... percona/pmm-server:1.1.3 dbaffa80f62bc0b80239b922bbc746d828fbbeb212a638cfafea92b827141abb serverB> curl http://localhost | grep "Percona Monitoring and Management" ... <p>Percona Monitoring and Management (PMM) is a free and open-source solution for managing and monitoring performance on MySQL and MongoDB, and provides time-based analysis of performance to ensure that your data works as efficiently as possible.</p> ... |
Lastly, let me add the relevant documentation links, so you have them at hand if needed:
https://www.percona.com/doc/percona-monitoring-and-management/deploy/server/docker.html