LinuxCommandLibrary

crane-export

Export container images from a registry

TLDR

Write tarball to stdout

$ crane export [image_name] -
copy

Write tarball to file
$ crane export [image_name] [path/to/tarball]
copy

Read image from stdin
$ crane export - [path/to/file]
copy

SYNOPSIS

crane export [OPTIONS] IMAGE TARFILE

PARAMETERS

-h, --help
    Display help for the export command

--platform PLATFORM
    Select platform to export (e.g., linux/amd64); defaults to primary platform or all for manifest lists

DESCRIPTION

The crane export command is part of the crane CLI tool, designed for efficient manipulation of OCI (Open Container Initiative) container images without requiring a Docker daemon. It downloads a specified image from a container registry and exports it to a tar archive in a format compatible with docker load or podman load.

This is particularly useful for transferring images to air-gapped environments, creating backups, or migrating between registries. Crane handles authentication via standard Docker config files and supports multi-platform images by allowing platform selection. The export includes all image layers, config, and manifest data, preserving signatures if present (via cosign integration).

Unlike docker save, crane operates daemonlessly, making it lightweight and suitable for CI/CD pipelines or Kubernetes clusters. It fetches only necessary layers, optimizing bandwidth. For multi-arch images, specify a platform to export a single variant; otherwise, it defaults to the primary or all if it's a manifest list.

Installation is via go install or package managers. Usage requires registry access credentials if the image is private.

CAVEATS

Requires network access to registry; outputs Docker-compatible tar (not pure OCI directory); large images consume significant disk space and time; no built-in compression (use gzip post-export if needed).
Authentication via ~/.docker/config.json; anonymous for public images.

EXAMPLES

crane export alpine:latest alpine.tar
crane export --platform linux/arm64 myregistry/image:v1 image-arm.tar
crane export ghcr.io/project/img:latest | gzip > img.tar.gz

INSTALLATION

go install github.com/google/go-containerregistry/cmd/crane@latest
Or via OS packages (e.g., brew install crane on macOS).

HISTORY

Developed by GoogleCloudPlatform as part of the sigstore ecosystem (~2020); evolved for daemonless image ops in supply-chain security; current in crane v0.20+ with multi-platform support.

SEE ALSO

docker-save(1), docker-load(1), skopeo(1), podman-save(1)

Copied to clipboard