在前邊的博客中我們說到docker的架構由docker客戶端、服務端以及倉庫組成;docker倉庫就是用來存放鏡像的地方;其實docker registry我們理解為存放docker鏡像倉庫的倉庫比較準確吧;因為docker的鏡像倉庫通常是把同一類的鏡像用不同的版本來區別,而registry則是用來存放這些倉庫的倉庫;默認安裝docker都是從dockerhub鏡像倉庫下載鏡像;其實在生產環境中,我們很少去公有倉庫上下載鏡像,原因之一是公有倉庫中的鏡像在生產環境中使用,有些不適配,通常我們是去公有倉庫下載基礎鏡像,然后基于基礎鏡像構建適合自己生產環境中的鏡像;其次公有倉庫鏡像有很多都不是安全的鏡像,這么說吧,我們不確定自己下載的鏡像是否有后門,是否有挖礦代碼,所以基于種種因素,我們還是有必要搭建自己私有的鏡像倉庫;今天我們就來聊一聊docker的私有鏡像倉庫的搭建;
1、查看docker-distribution包簡介
[root@docker_registry ~]# yum info docker-distribution Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.aliyun.com * extras: mirrors.aliyun.com * updates: mirrors.aliyun.com Available Packages Name : docker-distribution Arch : x86_64 Version : 2.6.2 Release : 2.git48294d9.el7 Size : 3.5 M Repo : extras/7/x86_64 Summary : Docker toolset to pack, ship, store, and deliver content URL : https://github.com/docker/distribution License : ASL 2.0 Description : Docker toolset to pack, ship, store, and deliver content [root@docker_registry ~]#
提示:docker-distribution這個包就是提供簡單倉庫服務軟體實作;
2、安裝docker-distribution
[root@docker_registry ~]# yum install -y docker-distribution Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.aliyun.com * extras: mirrors.aliyun.com * updates: mirrors.aliyun.com Resolving Dependencies There are unfinished transactions remaining. You might consider running yum-complete-transaction, or "yum-complete-transaction --cleanup-only" and "yum history redo last", first to finish them. If those don't work you'll have to try removing/installing packages by hand (maybe package-cleanup can help). The program yum-complete-transaction is found in the yum-utils package. --> Running transaction check ---> Package docker-distribution.x86_64 0:2.6.2-2.git48294d9.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved =================================================================================================================== Package Arch Version Repository Size =================================================================================================================== Installing: docker-distribution x86_64 2.6.2-2.git48294d9.el7 extras 3.5 M Transaction Summary =================================================================================================================== Install 1 Package Total download size: 3.5 M Installed size: 12 M Downloading packages: docker-distribution-2.6.2-2.git48294d9.el7.x86_64.rpm | 3.5 MB 00:00:03 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : docker-distribution-2.6.2-2.git48294d9.el7.x86_64 1/1 Verifying : docker-distribution-2.6.2-2.git48294d9.el7.x86_64 1/1 Installed: docker-distribution.x86_64 0:2.6.2-2.git48294d9.el7 Complete! [root@docker_registry ~]#
3、查看docker-distribution安裝了那些檔案
[root@docker_registry ~]# rpm -ql docker-distribution /etc/docker-distribution/registry/config.yml /usr/bin/registry /usr/lib/systemd/system/docker-distribution.service /usr/share/doc/docker-distribution-2.6.2 /usr/share/doc/docker-distribution-2.6.2/AUTHORS /usr/share/doc/docker-distribution-2.6.2/CONTRIBUTING.md /usr/share/doc/docker-distribution-2.6.2/LICENSE /usr/share/doc/docker-distribution-2.6.2/MAINTAINERS /usr/share/doc/docker-distribution-2.6.2/README.md /var/lib/registry [root@docker_registry ~]#
提示:/etc/docker-distribution/registry/config.yml這個檔案用于配置registry的組態檔;/usr/bin/registry是二進制應用程式;/usr/lib/systemd/system/docker-distribution.service 這個檔案是docker-distribution的unit file;/var/lib/registry這個目錄用于存放我們上傳到registry上的鏡像存放地;
4、查看組態檔
[root@docker_registry ~]# cat /etc/docker-distribution/registry/config.yml
version: 0.1
log:
fields:
service: registry
storage:
cache:
layerinfo: inmemory
filesystem:
rootdirectory: /var/lib/registry
http:
addr: :5000
[root@docker_registry ~]#
提示:這個組態檔是一個yml語法的組態檔,從上面的資訊可以看到,默認情況docker-distribution監聽在tcp的5000埠;存放鏡像的目錄是/var/lib/registry/目錄下;
5、啟動docker-distribution
[root@docker_registry ~]# systemctl start docker-distribution [root@docker_registry ~]# ss -tnl State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:22 *:* LISTEN 0 100 127.0.0.1:25 *:* LISTEN 0 128 :::22 :::* LISTEN 0 100 ::1:25 :::* LISTEN 0 128 :::5000 :::* [root@docker_registry ~]#
提示:可以看到5000埠已經處于監聽狀態了;到此docker-distribution就啟動起來了;這個倉庫服務很簡陋,沒有用戶認證功能,默認是基于http通信而非https,所以從某些角度講,不是一個安全的倉庫;所以一般不見在互聯網上使用,在自己的內外環境中可以使用;
這里補充一點,docker的鏡像通常是 registry地址加repository名稱加版本這三部分組成,registry可以是域名,可以是ip地址加埠,也可以說域名加埠,默認https是443埠,http是80埠,如果不寫埠默認是443而非80(原因是docker默認不支持從http協議的倉庫下載/上傳鏡像);例如 quay.io/coreos/flannel:v0.12.0-s390x 從這個鏡像名我們就可以知道registry是https://quay.io;repository名稱為coreos/flannel 版本是v0.12.0-s390x;
示例:下載第三方倉庫鏡像到本地
提示:可以看到下載下來的鏡像名稱就是我們剛才說的registry+repository+版本;從上面的資訊我們可以總結一點,docker鏡像的名稱(標簽)反應了該鏡像來自哪個registry的那個倉庫;所以我們要下載私有鏡像倉庫中的鏡像就需要把加上私有registry的名稱或地址+repository+版本來下載私有鏡像倉庫中的鏡像;同理上傳鏡像也需要寫明上傳到那個registry中的那個repository中去;
示例:上傳本地鏡像到私有倉庫
提示:要把本地倉庫鏡像傳到私有倉庫中去,首先我們要把本地鏡像打一個新的標簽,按照我們剛才上面說的邏輯,然后在上傳新打到標簽的鏡像到私有倉庫就可以了;從上面的資訊我們看到當我們打好標簽后,上傳鏡像時報錯了,提示我們倉庫不是https的;默認情況docker不支持http明文上傳/下載鏡像;如果我們非要用http上傳下載鏡像我們需要在組態檔中明確的告訴docker非安全倉庫地址;
配置docker支持私有倉庫上傳下載鏡像
[root@docker_registry ~]# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com","https://cyr1uljt.mirror.aliyuncs.com"],
"insecure-registries": ["192.168.0.99:5000"]
}
[root@docker_registry ~]# systemctl daemon-reload
[root@docker_registry ~]# systemctl restart docker
提示:我們通過在組態檔中配置insecure-registries來告訴docker192.168.0.99:5000這個registry是不安全的,但是我們信任這個倉庫,大概就是這個意思嘛;通常我們是寫主機名然后配合hosts檔案來決議的方式來對registry決議;從而把鏡像命名為主機名+倉庫名+版本的形式;如下所示;這里還需要注意一點insecure-registries后面的串列中的倉庫如果有域名,域名不能有下劃線(“_”),否則重啟docker會起不來;
[root@docker_registry ~]# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com","https://cyr1uljt.mirror.aliyuncs.com"],
"insecure-registries": ["192.168.0.99:5000","docker-registry.io:5000"]
}
[root@docker_registry ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.99 docker-registry.io registry
192.168.0.22 docker-node01.io node01
192.168.0.23 docker-node02.io node02
[root@docker_registry ~]# systemctl restart docker
[root@docker_registry ~]# docker info
Client:
Debug Mode: false
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 1
Server Version: 19.03.11
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 7ad184331fa3e55e52b890ea95e65ba581ae3429
runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-693.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 1.785GiB
Name: docker_registry
ID: R34V:IG2F:23I6:6WG6:FFQ4:75SV:3UKZ:RFH7:DGCO:QS7V:CS7K:NSH6
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
192.168.0.99:5000
docker-registry.io:5000
127.0.0.0/8
Registry Mirrors:
https://registry.docker-cn.com/
https://cyr1uljt.mirror.aliyuncs.com/
Live Restore Enabled: false
[root@docker_registry ~]#
提示:重啟docker后,如果在docker info 中能夠看到我們配置的內容說明配置生效了;現在我們再來傳我們新打的標簽的鏡像,看看是否能夠傳到我們的私有倉庫呢?
[root@docker_registry ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE docker-registry.io:5000/centos 7 b5b4d78bc90c 4 weeks ago 203MB centos 7 b5b4d78bc90c 4 weeks ago 203MB 192.168.0.99:5000/flannel v0.12.0-s390x 57eade024bfb 2 months ago 56.9MB quay.io/coreos/flannel v0.12.0-s390x 57eade024bfb 2 months ago 56.9MB [root@docker_registry ~]# docker push 192.168.0.99:5000/flannel:v0.12.0-s390x The push refers to repository [192.168.0.99:5000/flannel] b67de7789e55: Pushed 4c4bfa1b47e6: Pushed 3b7ae8a9c323: Pushed fbd88a276dca: Pushed 271ca11ef489: Pushed 1f106b41b4d6: Pushed v0.12.0-s390x: digest: sha256:3ce5b8d40451787e1166bf6b207c7834c13f7a0712b46ddbfb591d8b5906bfa6 size: 1579 [root@docker_registry ~]# docker push docker-registry.io:5000/centos:7 The push refers to repository [docker-registry.io:5000/centos] edf3aa290fb3: Pushed 7: digest: sha256:c2f1d5a9c0a81350fa0ad7e1eee99e379d75fe53823d44b5469eb2eb6092c941 size: 529 [root@docker_registry ~]#
提示:可以看到我們上傳的兩個鏡像都完成了上傳沒有報錯,接下來我們去/var/lib/registry/這個目錄,看看是否有這兩個鏡像相關目錄?
[root@docker_registry ~]# tree /var/lib/registry/
/var/lib/registry/
└── docker
└── registry
└── v2
├── blobs
│ └── sha256
│ ├── 13
│ │ └── 13b80a37370b57f558a2e06092c39224e5d1ebac50e48df0afdeb43cf2303e60
│ │ └── data
│ ├── 17
│ │ └── 176bad61a3a435da03ec603d2bd8f7a69286d92f21f447b17f21f0bc4e085bde
│ │ └── data
│ ├── 1b
│ │ └── 1b56fbc8a8e10830867455c0794a70f5469c154cdc013554daf501aeda3f30fe
│ │ └── data
│ ├── 26
│ │ └── 266247e2e603e1c840f97cb4d97a08b9184344e9802966cb42c93d21c407839f
│ │ └── data
│ ├── 3c
│ │ └── 3ce5b8d40451787e1166bf6b207c7834c13f7a0712b46ddbfb591d8b5906bfa6
│ │ └── data
│ ├── 42
│ │ └── 42d8e66fa893de4beb5d136b787cf182b24b7f4972c4212b9493b661ad1d7e85
│ │ └── data
│ ├── 52
│ │ └── 524b0c1e57f8ee5fee01a1decba2f301c324a6513ca3551021264e3aa7341ebc
│ │ └── data
│ ├── 57
│ │ └── 57eade024bfbd48c45ef2bad996c4d6a0fa41b692247294745265af738066813
│ │ └── data
│ ├── 85
│ │ └── 85ecb68de4693bb4093d923f6d1062766e4fa7cbb3bf456a2bc19dd3e6c5e6c6
│ │ └── data
│ ├── b5
│ │ └── b5b4d78bc90ccd15806443fb881e35b5ddba924e2f475c1071a38a3094c3081d
│ │ └── data
│ └── c2
│ └── c2f1d5a9c0a81350fa0ad7e1eee99e379d75fe53823d44b5469eb2eb6092c941
│ └── data
└── repositories
├── centos
│ ├── _layers
│ │ └── sha256
│ │ ├── 524b0c1e57f8ee5fee01a1decba2f301c324a6513ca3551021264e3aa7341ebc
│ │ │ └── link
│ │ └── b5b4d78bc90ccd15806443fb881e35b5ddba924e2f475c1071a38a3094c3081d
│ │ └── link
│ ├── _manifests
│ │ ├── revisions
│ │ │ └── sha256
│ │ │ └── c2f1d5a9c0a81350fa0ad7e1eee99e379d75fe53823d44b5469eb2eb6092c941
│ │ │ └── link
│ │ └── tags
│ │ └── 7
│ │ ├── current
│ │ │ └── link
│ │ └── index
│ │ └── sha256
│ │ └── c2f1d5a9c0a81350fa0ad7e1eee99e379d75fe53823d44b5469eb2eb6092c941
│ │ └── link
│ └── _uploads
└── flannel
├── _layers
│ └── sha256
│ ├── 13b80a37370b57f558a2e06092c39224e5d1ebac50e48df0afdeb43cf2303e60
│ │ └── link
│ ├── 176bad61a3a435da03ec603d2bd8f7a69286d92f21f447b17f21f0bc4e085bde
│ │ └── link
│ ├── 1b56fbc8a8e10830867455c0794a70f5469c154cdc013554daf501aeda3f30fe
│ │ └── link
│ ├── 266247e2e603e1c840f97cb4d97a08b9184344e9802966cb42c93d21c407839f
│ │ └── link
│ ├── 42d8e66fa893de4beb5d136b787cf182b24b7f4972c4212b9493b661ad1d7e85
│ │ └── link
│ ├── 57eade024bfbd48c45ef2bad996c4d6a0fa41b692247294745265af738066813
│ │ └── link
│ └── 85ecb68de4693bb4093d923f6d1062766e4fa7cbb3bf456a2bc19dd3e6c5e6c6
│ └── link
├── _manifests
│ ├── revisions
│ │ └── sha256
│ │ └── 3ce5b8d40451787e1166bf6b207c7834c13f7a0712b46ddbfb591d8b5906bfa6
│ │ └── link
│ └── tags
│ └── v0.12.0-s390x
│ ├── current
│ │ └── link
│ └── index
│ └── sha256
│ └── 3ce5b8d40451787e1166bf6b207c7834c13f7a0712b46ddbfb591d8b5906bfa6
│ └── link
└── _uploads
65 directories, 26 files
[root@docker_registry ~]#
提示:可以看到對應目錄下有兩個子目錄就是以我們上傳的鏡像名稱命名的;
示例:查看私有倉庫中存在的進行串列
[root@docker_registry ~]# curl docker-registry.io:5000/v2/_catalog
{"repositories":["centos","flannel"]}
[root@docker_registry ~]#
示例:下載私有倉庫中的鏡像到本地
[root@docker_node01 ~]# ip a l ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:22:36:7f brd ff:ff:ff:ff:ff:ff
inet 192.168.0.22/24 brd 192.168.0.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe22:367f/64 scope link
valid_lft forever preferred_lft forever
[root@docker_node01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
linux1874/myimg v0.1 e408b1c6e04f 2 weeks ago 1.22MB
wordpress latest c3fa1c8546fb 5 weeks ago 540MB
mysql 5.7 f965319e89de 5 weeks ago 448MB
alpine v3 f70734b6a266 6 weeks ago 5.61MB
nginx 1.14-alpine 8a2fb25a19f5 14 months ago 16MB
httpd 2.4.37-alpine dfd436f9a5d8 17 months ago 91.8MB
[root@docker_node01 ~]# docker pull 192.168.0.99:5000/flannel:v0.12.0-s390x
v0.12.0-s390x: Pulling from flannel
176bad61a3a4: Pull complete
13b80a37370b: Pull complete
42d8e66fa893: Pull complete
266247e2e603: Pull complete
1b56fbc8a8e1: Pull complete
85ecb68de469: Pull complete
Digest: sha256:3ce5b8d40451787e1166bf6b207c7834c13f7a0712b46ddbfb591d8b5906bfa6
Status: Downloaded newer image for 192.168.0.99:5000/flannel:v0.12.0-s390x
192.168.0.99:5000/flannel:v0.12.0-s390x
[root@docker_node01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
linux1874/myimg v0.1 e408b1c6e04f 2 weeks ago 1.22MB
wordpress latest c3fa1c8546fb 5 weeks ago 540MB
mysql 5.7 f965319e89de 5 weeks ago 448MB
alpine v3 f70734b6a266 6 weeks ago 5.61MB
192.168.0.99:5000/flannel v0.12.0-s390x 57eade024bfb 2 months ago 56.9MB
nginx 1.14-alpine 8a2fb25a19f5 14 months ago 16MB
httpd 2.4.37-alpine dfd436f9a5d8 17 months ago 91.8MB
[root@docker_node01 ~]#
提示:下載私有倉庫中的鏡像,默認情況docker也是不支持直接訪問http協議的倉庫,需要我們手動去配置insecure-registries,然后重啟docker才可以;
示例:洗掉私有倉庫中的鏡像
1、獲取對應鏡像的sha256的值 curl --header "Accept:application/vnd.docker.distribution.manifest.v2+json" -I -X GET http://<registry addr>/v2/<image name>/manifests/<image tag>
2、洗掉對應鏡像版本元資料 curl -I -X DELETE http://<registry addr>/v2/<image name>/manifests/<image digest>
提示:如果回應405方法不被允許;我們需要修改私有倉庫的組態檔,將其配置為允許洗掉;如下
[root@docker_registry ~]# cat /etc/docker-distribution/registry/config.yml
version: 0.1
log:
fields:
service: registry
storage:
delete:
enabled: true
cache:
layerinfo: inmemory
filesystem:
rootdirectory: /var/lib/registry
http:
addr: :5000
[root@docker_registry ~]# systemctl restart docker-distribution
[root@docker_registry ~]# curl -IX DELETE http://docker-registry.io:5000/v2/centos/manifests/sha256:c2f1d5a9c0a81350fa0ad7e1eee99e379d75fe53823d44b5469eb2eb6092c941
HTTP/1.1 202 Accepted
Docker-Distribution-Api-Version: registry/2.0
Date: Sat, 06 Jun 2020 19:55:52 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8
[root@docker_registry ~]#
提示:degest值包含"sha256:"
3、垃圾回收清理
[root@docker_registry ~]# registry garbage-collect /etc/docker-distribution/registry/config.yml centos flannel flannel: marking manifest sha256:3ce5b8d40451787e1166bf6b207c7834c13f7a0712b46ddbfb591d8b5906bfa6 flannel: marking blob sha256:57eade024bfbd48c45ef2bad996c4d6a0fa41b692247294745265af738066813 flannel: marking blob sha256:176bad61a3a435da03ec603d2bd8f7a69286d92f21f447b17f21f0bc4e085bde flannel: marking blob sha256:13b80a37370b57f558a2e06092c39224e5d1ebac50e48df0afdeb43cf2303e60 flannel: marking blob sha256:42d8e66fa893de4beb5d136b787cf182b24b7f4972c4212b9493b661ad1d7e85 flannel: marking blob sha256:266247e2e603e1c840f97cb4d97a08b9184344e9802966cb42c93d21c407839f flannel: marking blob sha256:1b56fbc8a8e10830867455c0794a70f5469c154cdc013554daf501aeda3f30fe flannel: marking blob sha256:85ecb68de4693bb4093d923f6d1062766e4fa7cbb3bf456a2bc19dd3e6c5e6c6 myweb myweb: marking manifest sha256:aaf04cf567a776e36eb3b0bafaec17ed8d9e0a743bdb897dca13f251250ae493 myweb: marking blob sha256:4f406abeaab7f848178867409142090d1a551b22b968be6a6dae733c8403738e myweb: marking blob sha256:524b0c1e57f8ee5fee01a1decba2f301c324a6513ca3551021264e3aa7341ebc myweb: marking blob sha256:c941076f9075280c41b502283f37ab8bafef3a66f4a7ba299838dce07641a48d test test: marking manifest sha256:5ecad23ab8a52e55f93968f708d325261032dd613287aec92e7cf8ddd6426635 test: marking blob sha256:370e3a843c3cb12700301e3f87f929939146cd8b676260bedcd83aaa7fcc2939 test: marking blob sha256:524b0c1e57f8ee5fee01a1decba2f301c324a6513ca3551021264e3aa7341ebc test: marking manifest sha256:da8b53210bf1f4dc4873bbd5589abad616663cda45205ae3a4fffb0729d2730d test: marking blob sha256:461f6ceabc885e2e90b5f9ee82aefc9a30a39510c40e7cd8fb7436a4d340fe1d test: marking blob sha256:524b0c1e57f8ee5fee01a1decba2f301c324a6513ca3551021264e3aa7341ebc test: marking blob sha256:035e026f1d6b0acba3413ba616dcbabf75d20e945778c52716e601255452b7b7 17 blobs marked, 2 blobs eligible for deletion blob eligible for deletion: sha256:b5b4d78bc90ccd15806443fb881e35b5ddba924e2f475c1071a38a3094c3081d INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/b5/b5b4d78bc90ccd15806443fb881e35b5ddba924e2f475c1071a38a3094c3081d go.version=go1.9.4 instance.id=b3029d7f-99e8-4941-8c87-989514b584ea blob eligible for deletion: sha256:c2f1d5a9c0a81350fa0ad7e1eee99e379d75fe53823d44b5469eb2eb6092c941 INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/c2/c2f1d5a9c0a81350fa0ad7e1eee99e379d75fe53823d44b5469eb2eb6092c941 go.version=go1.9.4 instance.id=b3029d7f-99e8-4941-8c87-989514b584ea [root@docker_registry ~]#
測驗:下載docker-registry.io:5000/centos:7 看看是否還能下載?
[root@docker_node01 ~]# docker pull 192.168.0.99:5000/centos:7 Error response from daemon: manifest for 192.168.0.99:5000/centos:7 not found: manifest unknown: manifest unknown [root@docker_node01 ~]#
提示:以上提示告訴我們沒有對應鏡像的元資料資訊;說明我們私有倉庫沒有對應鏡像;以上方法適合精準洗掉某個鏡像的某個版本,如果是洗掉一個倉庫,直接洗掉 /var/lib/registry/docker/registry/v2/repositories/下對應倉庫的目錄,然后在用registry命令做垃圾回收;如下
[root@docker_registry ~]# ll /var/lib/registry/docker/registry/v2/repositories/ total 0 drwxr-xr-x 5 root root 55 Jun 6 14:16 centos drwxr-xr-x 5 root root 55 Jun 6 14:15 flannel drwxr-xr-x 5 root root 55 Jun 6 15:25 myweb drwxr-xr-x 5 root root 55 Jun 6 15:24 test [root@docker_registry ~]# rm -rf /var/lib/registry/docker/registry/v2/repositories/test [root@docker_registry ~]# rm -rf /var/lib/registry/docker/registry/v2/repositories/myweb [root@docker_registry ~]# ll /var/lib/registry/docker/registry/v2/repositories/ total 0 drwxr-xr-x 5 root root 55 Jun 6 14:16 centos drwxr-xr-x 5 root root 55 Jun 6 14:15 flannel [root@docker_registry ~]# registry garbage-collect /etc/docker-distribution/registry/config.yml centos flannel flannel: marking manifest sha256:3ce5b8d40451787e1166bf6b207c7834c13f7a0712b46ddbfb591d8b5906bfa6 flannel: marking blob sha256:57eade024bfbd48c45ef2bad996c4d6a0fa41b692247294745265af738066813 flannel: marking blob sha256:176bad61a3a435da03ec603d2bd8f7a69286d92f21f447b17f21f0bc4e085bde flannel: marking blob sha256:13b80a37370b57f558a2e06092c39224e5d1ebac50e48df0afdeb43cf2303e60 flannel: marking blob sha256:42d8e66fa893de4beb5d136b787cf182b24b7f4972c4212b9493b661ad1d7e85 flannel: marking blob sha256:266247e2e603e1c840f97cb4d97a08b9184344e9802966cb42c93d21c407839f flannel: marking blob sha256:1b56fbc8a8e10830867455c0794a70f5469c154cdc013554daf501aeda3f30fe flannel: marking blob sha256:85ecb68de4693bb4093d923f6d1062766e4fa7cbb3bf456a2bc19dd3e6c5e6c6 8 blobs marked, 9 blobs eligible for deletion blob eligible for deletion: sha256:370e3a843c3cb12700301e3f87f929939146cd8b676260bedcd83aaa7fcc2939 INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/37/370e3a843c3cb12700301e3f87f929939146cd8b676260bedcd83aaa7fcc2939 go.version=go1.9.4 instance.id=1a15f1e7-194f-4a82-b79d-9f437d975f6e blob eligible for deletion: sha256:524b0c1e57f8ee5fee01a1decba2f301c324a6513ca3551021264e3aa7341ebc INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/52/524b0c1e57f8ee5fee01a1decba2f301c324a6513ca3551021264e3aa7341ebc go.version=go1.9.4 instance.id=1a15f1e7-194f-4a82-b79d-9f437d975f6e blob eligible for deletion: sha256:5ecad23ab8a52e55f93968f708d325261032dd613287aec92e7cf8ddd6426635 INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/5e/5ecad23ab8a52e55f93968f708d325261032dd613287aec92e7cf8ddd6426635 go.version=go1.9.4 instance.id=1a15f1e7-194f-4a82-b79d-9f437d975f6e blob eligible for deletion: sha256:aaf04cf567a776e36eb3b0bafaec17ed8d9e0a743bdb897dca13f251250ae493 INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/aa/aaf04cf567a776e36eb3b0bafaec17ed8d9e0a743bdb897dca13f251250ae493 go.version=go1.9.4 instance.id=1a15f1e7-194f-4a82-b79d-9f437d975f6e blob eligible for deletion: sha256:035e026f1d6b0acba3413ba616dcbabf75d20e945778c52716e601255452b7b7 INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/03/035e026f1d6b0acba3413ba616dcbabf75d20e945778c52716e601255452b7b7 go.version=go1.9.4 instance.id=1a15f1e7-194f-4a82-b79d-9f437d975f6e blob eligible for deletion: sha256:461f6ceabc885e2e90b5f9ee82aefc9a30a39510c40e7cd8fb7436a4d340fe1d INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/46/461f6ceabc885e2e90b5f9ee82aefc9a30a39510c40e7cd8fb7436a4d340fe1d go.version=go1.9.4 instance.id=1a15f1e7-194f-4a82-b79d-9f437d975f6e blob eligible for deletion: sha256:4f406abeaab7f848178867409142090d1a551b22b968be6a6dae733c8403738e INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/4f/4f406abeaab7f848178867409142090d1a551b22b968be6a6dae733c8403738e go.version=go1.9.4 instance.id=1a15f1e7-194f-4a82-b79d-9f437d975f6e blob eligible for deletion: sha256:c941076f9075280c41b502283f37ab8bafef3a66f4a7ba299838dce07641a48d INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/c9/c941076f9075280c41b502283f37ab8bafef3a66f4a7ba299838dce07641a48d go.version=go1.9.4 instance.id=1a15f1e7-194f-4a82-b79d-9f437d975f6e blob eligible for deletion: sha256:da8b53210bf1f4dc4873bbd5589abad616663cda45205ae3a4fffb0729d2730d INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/da/da8b53210bf1f4dc4873bbd5589abad616663cda45205ae3a4fffb0729d2730d go.version=go1.9.4 instance.id=1a15f1e7-194f-4a82-b79d-9f437d975f6e [root@docker_registry ~]#
提示:這種方式比較粗暴簡單,通常是一個倉庫里只有一個版本鏡像可以使用這種方式洗掉,如果一個倉庫有多個版本,那么還是建議使用第一種方式;
轉載請註明出處,本文鏈接:https://www.uj5u.com/caozuo/61713.html
標籤:Linux