完美代码网站,dede网站不能够生成,外包公司到底值不值得去,优秀的手机网站设计文章目录 1. 安装 docker2. 配置 docker4. 配置域名解析5. 部署 registry6. Registry API 管理7. 批量清理镜像8. 其他 #x1f44b; 这篇文章内容#xff1a;实现shell 脚本批量清理docker registry的镜像。
#x1f514;#xff1a;你可以在这里阅读#xff1a;https:/… 文章目录 1. 安装 docker2. 配置 docker4. 配置域名解析5. 部署 registry6. Registry API 管理7. 批量清理镜像8. 其他 这篇文章内容实现shell 脚本批量清理docker registry的镜像。
你可以在这里阅读https://github.com/Ghostwritten/registry-clean.git
1. 安装 docker
docker 安装
2. 配置 docker
$ cat /etc/docker/daemon.json
{exec-opts: [native.cgroupdriversystemd],insecure-registries: [registry.ghostwritten.com],live-restore: true,log-driver: json-file,log-opts: {max-size: 100m,max-file: 5}}# 配置代理
$ cat /usr/lib/systemd/system/docker.service.d/proxy.conf
[Service]
EnvironmentHTTP_PROXYhttp://192.168.21.101:7890
EnvironmentHTTPS_PROXYhttp://192.168.21.101:7890
EnvironmentNO_PROXYlocalhost,127.0.0.1,.coding.net,.tencentyun.com,.myqcloud.com,*.bsgchina.com$ systemctl daemon-reload systemctl restart docker4. 配置域名解析
服务端(192.168.21.2)配置
$ cat /etc/unbound/unbound.conf
...local-data: registry.ghostwritten.com A 192.168.21.25local-data-ptr: 192.168.21.25 registry.ghostwritten.com
....$ systemctl restart unbound客户端
$ cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.21.25. 部署 registry
测试删除镜像
$ docker run -tid --restartalways --name registry -p 80:5000 -e REGISTRY_COMPATIBILITY_SCHEMA1_ENABLEDtrue -e REGISTRY_STORAGE_DELETE_ENABLEDtrue -v /data/registry:/var/lib/registry registry:latest
6. Registry API 管理 $ curl -q -s http://registry.ghostwritten.com/v2/registry/tags/list | jq .
{name: registry,tags: [latest]
}$ curl -I -X GET http://registry.ghostwritten.com/v2/registry/manifests/latest
HTTP/1.1 200 OK
Content-Length: 6863
Content-Type: application/vnd.docker.distribution.manifest.v1prettyjws
Docker-Content-Digest: sha256:f538bbbf8ff45e9872789dfcfbbcd48a44a9c87d21324595efb4df2e6b666c8c
Docker-Distribution-Api-Version: registry/2.0
Etag: sha256:f538bbbf8ff45e9872789dfcfbbcd48a44a9c87d21324595efb4df2e6b666c8c
X-Content-Type-Options: nosniff
Date: Wed, 18 Sep 2024 09:02:51 GMT通过API直接匹配标签删除不掉镜像
$ curl -I -X DELETE http://registry.ghostwritten.com/v2/registry/manifests/latest
HTTP/1.1 400 Bad Request
Content-Type: application/json; charsetutf-8
Docker-Distribution-Api-Version: registry/2.0
X-Content-Type-Options: nosniff
Date: Wed, 18 Sep 2024 08:58:49 GMT
Content-Length: 98#获取ID
$ docker inspect registry.ghostwritten.com/registry:latest | jq -r .[0].RepoDigests[] |grep registry.ghostwritten.com | awk -F {print $2}
sha256:4d2514be50520c34f3b207fc03dd734a9b72403624d8572f8c40e9185575e453$ curl -I -X GET http://registry.ghostwritten.com/v2/registry/manifests/sha256:4d2514be50520c34f3b207fc03dd734a9b72403624d8572f8c40e9185575e453
HTTP/1.1 200 OK
Content-Length: 1363
Content-Type: application/vnd.docker.distribution.manifest.v2json
Docker-Content-Digest: sha256:4d2514be50520c34f3b207fc03dd734a9b72403624d8572f8c40e9185575e453
Docker-Distribution-Api-Version: registry/2.0
Etag: sha256:4d2514be50520c34f3b207fc03dd734a9b72403624d8572f8c40e9185575e453
X-Content-Type-Options: nosniff
Date: Wed, 18 Sep 2024 09:12:51 GMT$ curl -I -X DELETE http://registry.ghostwritten.com/v2/registry/manifests/sha256:4d2514be50520c34f3b207fc03dd734a9b72403624d
8572f8c40e9185575e453
HTTP/1.1 202 Accepted
Docker-Distribution-Api-Version: registry/2.0
X-Content-Type-Options: nosniff
Date: Wed, 18 Sep 2024 09:12:59 GMT
Content-Length: 0$ curl -s http://registry.ghostwritten.com/v2/_catalog | jq .
{repositories: [library/busybox,registry]
}$ curl -q -s http://registry.ghostwritten.com/v2/registry/tags/list | jq .
{name: registry,tags: null
}$ rm -rf /data/registry/docker/registry/v2/repositories/registry
$ curl -q -s http://registry.ghostwritten.com/v2/_catalog | jq .
{repositories: [library/busybox]
}
推送镜像
$ docker push registry.ghostwritten.com/registry:latest
The push refers to repository [registry.ghostwritten.com/registry]
3715a40eaff0: Layer already exists
e48d56ef719d: Layer already exists
1670fc7fdd22: Layer already exists
f3965cc04390: Layer already exists
d62a02444d39: Layer already exists
latest: digest: sha256:4d2514be50520c34f3b207fc03dd734a9b72403624d8572f8c40e9185575e453 size: 1363查询镜像标签
$ curl -q -s http://registry.ghostwritten.com/v2/registry/tags/list | jq .
{name: registry,tags: [latest]
}7. 批量清理镜像
首先这是一个清理的演示先批量推送镜像入库。未来应对可能存在各类情况。
有没有项目名的镜像多个标签的镜像
$ cat registry-images-push.sh
docker push registry.ghostwritten.com/demo/nginx:1.26
docker push registry.ghostwritten.com/demo/nginx:latest
docker push registry.ghostwritten.com/library/busybox:1.36.1
docker push registry.ghostwritten.com/registry:latest
docker push registry.ghostwritten.com/library/busybox:1.35.0推送镜像入库。
$ sh registry-images-push.sh要删除的镜像我们存放到 registry-images-clean.txt 文件中。我们会检验以下几类删除场景。
删除有个多个标签的镜像检验是否会误删除删除没有项目名的镜像删除不存在的镜像。
$ cat registry-images-clean.txt
registry.ghostwritten.com/library/busybox:1.36.1
registry.ghostwritten.com/registry:latest
registry.ghostwritten.com/demo/nginx:1.26
registry.ghostwritten.com/demo/nginx:noexist这个脚本的目的是从Docker注册表中批量删除镜像。在执行脚本之前必须创建一个名为images.txt的文件其中应该包含计划删除的映像的名称。例如文件中的一个条目可能如下所示:registry.demo.com/library/nginx:latest。
$ cat registry-images-clean.sh
#!/bin/bash# Script Name: registry-images-clean.sh
# Author: ghostwritten
# Date: 2024-9-18
# Description: This script is designed to facilitate the batch deletion of images from a Docker registry. Prior to executing the script, you must create a file named images.txt, which should contain the names of the images scheduled for deletion. For example, an entry in the file might look like: registry.demo.com/library/nginx:latest. namebasename $0 .shaction$1images_list() {image_reposcat registry-images-clean.txt | awk -F / {print $1} | uniqfor image_repo in $image_repos
do repositories$(curl -q -s http://${image_repo}/v2/_catalog | jq -r .repositories[])if [[ -n $repositories ]] ; thenecho $image_repo 镜像仓库列表:for repo in $repositories; dotags$(curl -q -s http://${image_repo}/v2/${repo}/tags/list | jq -r .tags[])if [ -z $tags ]; thenecho No tags foundelsefor tag in $tags; doecho $repo:$tagdonefidoneelseecho $image_repo 镜像仓库是空库.fi
done}images_rm() {while IFS read -r line
doimage_repo$(echo $line | awk -F / {print $1})image_project$(echo $line | awk -F / { if (NF 2) print $(NF-1) /; else print })image_name$(echo $line | awk -F / {print $NF} | awk -F : {print $1})image_tag$(echo $line | awk -F / {print $NF} | awk -F : {print $2})response$(curl -s http://${image_repo}/v2/${image_project}${image_name}/tags/list)if echo $response | jq -e .tags | index(\${image_tag}\) /dev/null; thenecho 镜像 ${image_project}${image_name}:${image_tag} 存在准备删除...source_datadocker inspect registry | jq -r .[0].Mounts[] | select(.Type bind) | .SourceMANIFEST_DIGESTls ${source_data}/docker/registry/v2/repositories/${image_project}${image_name}/_manifests/tags/${image_tag}/index/sha256/curl -s -I -X DELETE http://${image_repo}/v2/${image_project}${image_name}/manifests/sha256:${MANIFEST_DIGEST} 21 /dev/nullresponse$(curl -s http://${image_repo}/v2/${image_project}${image_name}/tags/list)if ! echo $response | jq -e .tags | length 0 /dev/null; thenrm -rf ${source_data}/docker/registry/v2/repositories/${image_project}${image_name}fielseecho 镜像 ${image_repo}/${image_project}${image_name}:${image_tag} 不存在。
fidone registry-images-clean.txtdocker exec registry bin/registry garbage-collect /etc/docker/registry/config.yml /dev/null
docker restart registry}case $action inl|ls)images_list;;d|rm)images_rm;;*)echo Usage: $name [ls|rm]exit 1;;
esac
exit 0首先检查当前registry镜像仓库有哪些镜像。
$ sh registry-images-clean.sh ls
registry.ghostwritten.com 镜像仓库列表:demo/nginx:latestdemo/nginx:1.26library/busybox:1.35.0library/busybox:1.36.1registry:latest
registest.bsgchina.com 镜像仓库是空库.现在我们开始删除 registry-images-clean.txt 的镜像。
$ registry-images-clean.sh rm
镜像 library/busybox:1.36.1 存在准备删除...
镜像 registry:latest 存在准备删除...
镜像 demo/nginx:1.26 存在准备删除...
镜像 registry.ghostwritten.com/demo/nginx:noexist 不存在。
镜像 demo/nginx:noexist 存在准备删除...执行结束后再次检查镜像仓库列表。
sh registry-images-clean.sh ls
registry.ghostwritten.com 镜像仓库列表:demo/nginx:latestlibrary/busybox:1.35.0
registest.bsgchina.com 镜像仓库是空库.8. 其他
除了通过API 查看registry镜像列表你可以部署一个 registry UI 查看镜像。另外当你想要迁移一套具有自己镜像介质的镜像仓库。你可以参考这篇不需要推拉镜像的镜像仓库迁移教程。
参考
Open Container Initiative Distribution Specificationhttps://docs.docker.com/registry/#introductionhttps://github.com/Ghostwritten/registry-clean.git
