1、为什么要删除私有镜像仓库中镜像?
1.1、如何搭建私有镜像仓库
请参考
基于registry镜像构建本地镜像仓库
1.2、需要删除镜像的场景
比如,要编译k8s,需要kube-cross镜像,当前最新的版本V1.13.6-1
而编译k8s 1.17.0需要 V1.13.4-1
可能在上传镜像到私有镜像仓库的时候将V1.13.6-1的kube-cross tag成了V1.13.4-1,编译k8s的时候,出现版本不匹配导致编译失败
此时就需要删除私有镜像仓库中的kube-cross版本
# docker tag 192.168.166.180:50500/kube-cross:v1.13.6-1 192.168.166.180:50500/kube-cross:v1.13.4-1
# docker push 192.168.166.180:50500/kube-cross:v1.13.4-1
The push refers to repository [10.43.166.180:50500/kube-cross]
4bd71a18d78f: Layer already exists
022eea37cee0: Layer already exists
7e34d1e37033: Layer already exists
24af9960442d: Layer already exists
271b7f26a286: Layer already exists
64cbc4bfc2f3: Layer already exists
ec13f1004587: Layer already exists
e5abe1112ca1: Layer already exists
efdff2422869: Layer already exists
3d6d182dab88: Layer already exists
e6d60910d056: Layer already exists
b52c1c103fae: Layer already exists
6f1c84e6ec59: Layer already exists
dd5242c2dc8a: Layer already exists
v1.13.4-1: digest: sha256:df0a50772214025040ea31144a731b5fa76944cbfc9c87db05af98e4aa39aa7f size: 3274
还有可能是镜像仓库满了,需要删除一些不需要的或者版本比较老的镜像2、删除镜像
2.1、查看镜像列表
> curl http://192.168.166.180:50500/v2/_catalog
{"repositories":["debian-base-amd64","debian-iptables-amd64","kube-cross","registry"]}
2.2、修改registry容器配置文件
registry v2版本的镜像,默认是不允许删除镜像的,所以需要修改配置文件,使能删除方法
2.2.1、查看registry容器ID
# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d697e31fae97 registry "/entrypoint.sh /etc…" 41 hours ago Up 41 hours 0.0.0.0:50500->5000/tcp local-registry
2.2.2、查看配置文件
# docker exec -it d697e31fae97 cat /etc/docker/registry/config.yml
version: 0.1
log:
fields:
service: registry
storage:
cache:
blobdescriptor: inmemory
filesystem:
rootdirectory: /var/lib/registry
http:
addr: :5000
headers:
X-Content-Type-Options: [nosniff]
health:
storagedriver:
enabled: true
interval: 10s
threshold: 3
2.2.3、修改配置文件
增加 delete段,将enabled设置为true
# docker exec -it d697e31fae97 vi /etc/docker/registry/config.yml
2.2.4、查看修改后的配置文件
# docker exec -it d697e31fae97 cat /etc/docker/registry/config.yml
version: 0.1
log:
fields:
service: registry
storage:
cache:
blobdescriptor: inmemory
filesystem:
rootdirectory: /var/lib/registry
delete:
enabled: true
http:
addr: :5000
headers:
X-Content-Type-Options: [nosniff]
health:
storagedriver:
enabled: true
interval: 10s
threshold: 3
2.2.5、重启容器生效配置
# docker restart d697e31fae97
d697e31fae97
# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d697e31fae97 registry "/entrypoint.sh /etc…" 41 hours ago Up 3 seconds 0.0.0.0:50500->5000/tcp local-registry
2.2、获取镜像摘要信息
# curl --header "Accept: application/vnd.docker.distribution.manifest.v2+json" -I -X GET http://192.168.166.180:50500/v2/kube-cross/manifests/v1.13.4-1
HTTP/1.1 200 OK
Content-Length: 3274
Content-Type: application/vnd.docker.distribution.manifest.v2+json
Docker-Content-Digest: sha256:df0a50772214025040ea31144a731b5fa76944cbfc9c87db05af98e4aa39aa7f
Docker-Distribution-Api-Version: registry/2.0
Etag: "sha256:df0a50772214025040ea31144a731b5fa76944cbfc9c87db05af98e4aa39aa7f"
X-Content-Type-Options: nosniff
Date: Wed, 18 Mar 2020 09:51:02 GMT2.3、删除镜像
# curl -I -X DELETE http://192.168.166.180:50500/v2/kube-cross/manifests/sha256:df0a50772214025040ea31144a731b5fa76944cbfc9c87db05af98e4aa39aa7f
HTTP/1.1 202 Accepted
Docker-Distribution-Api-Version: registry/2.0
X-Content-Type-Options: nosniff
Date: Wed, 18 Mar 2020 09:52:08 GMT
Content-Length: 0
2.4、检查镜像已经不存在
# curl --header "Accept: application/vnd.docker.distribution.manifest.v2+json" -I -X GET http://192.168.166.180:50500/v2/kube-cross/manifests/v1.13.4-1
HTTP/1.1 404 Not Found
Content-Type: application/json; charset=utf-8
Docker-Distribution-Api-Version: registry/2.0
X-Content-Type-Options: nosniff
Date: Wed, 18 Mar 2020 09:53:05 GMT
Content-Length: 99
2.5、参考流程
2.5.1、远程删除镜像
1.远程查找镜像 curl --header "Accept: application/vnd.docker.distribution.manifest.v2+json" -I -X GET http://ip:端口/v2/镜像名称/manifests/tag名称
> curl --header "Accept: application/vnd.docker.distribution.manifest.v2+json" -I -X GET http://101.43.162.5:5000/v2/jf-note/manifests/latest
HTTP/1.1 200 OK
Content-Length: 2007
Content-Type: application/vnd.docker.distribution.manifest.v2+json
Docker-Content-Digest: sha256:8bdeacd88b4a1ee75ae7e687d8575da638f0881957b8d18e9cd24f299f1414b7
Docker-Distribution-Api-Version: registry/2.0
Etag: "sha256:8bdeacd88b4a1ee75ae7e687d8575da638f0881957b8d18e9cd24f299f1414b7"
X-Content-Type-Options: nosniff
Date: Mon, 06 Feb 2023 05:48:42 GMT 2. 删除镜像 curl -I -X DELETE http://ip:端口/v2/镜像名称/manifests/查找后的镜像id
> curl -I -X DELETE http://101.43.162.5:5000/v2/jf-note/manifests/sha256:8bdeacd88b4a1ee75ae7e687d8575da638f0881957b8d18e9cd24f299f1414b7
HTTP/1.1 202 Accepted
Docker-Distribution-Api-Version: registry/2.0
X-Content-Type-Options: nosniff
Date: Mon, 06 Feb 2023 05:51:44 GMT
Content-Length: 02.5.2、删除registry
1.进入容器 docker exec -it 容器名称 sh
> docker exec -it registry2 sh 2. 查找镜像 find . -name "*搜索内容*"
> find . -name "*note*"
./var/lib/registry/docker/registry/v2/repositories/note
3. 删除镜像 rm -r 路径
> rm -r ./var/lib/registry/docker/registry/v2/repositories/note
3、可能遇到的问题
3.1、无删除权限
Method Not Allowed
# curl -I -XDELETE http://192.168.166.180:50500/v2/kube-cross/manifests/sha256:1ca2db35badb4e5ab64ff6478ad550514234e97dcfae3bbfe688b40278c99fc0
HTTP/1.1 405 Method Not Allowed
Content-Type: application/json; charset=utf-8
Docker-Distribution-Api-Version: registry/2.0
X-Content-Type-Options: nosniff
Date: Wed, 18 Mar 2020 09:28:50 GMT
Content-Length: 78
原因是默认情况下,delete方法没有enable
可以参考2.2节修改
3.2、没有找到镜像
# curl -I -XDELETE http://192.168.166.180:50500/v2/kube-cross/manifests/sha256:1ca2db35badb4e5ab64ff6478ad550514234e97dcfae3bbfe688b40278c99fc0
HTTP/1.1 404 Not Found
Content-Type: application/json; charset=utf-8
Docker-Distribution-Api-Version: registry/2.0
X-Content-Type-Options: nosniff
Date: Wed, 18 Mar 2020 09:43:22 GMT
Content-Length: 70
原因可能是获取的摘要不对
registry v2 版本获取摘要的命令需加上这个header
–header “Accept: application/vnd.docker.distribution.manifest.v2+json”