Docker Registry Clean

文章目录

    • [1. Introduction](#1. Introduction)
    • [2. Features](#2. Features)
    • [3. Docker Installation](#3. Docker Installation)
    • [4. Docker Configuration](#4. Docker Configuration)
    • [5. DNS Configuration](#5. DNS Configuration)
    • [6. Deploying the Registry](#6. Deploying the Registry)
    • [7. Registry API Management](#7. Registry API Management)
    • [8. Bulk Image Cleanup](#8. Bulk Image Cleanup)
    • [9. Additional Resources](#9. Additional Resources)
    • [10. References](#10. References)

1. Introduction

registry-clean is a powerful and efficient solution designed to simplify the management of your Docker image registry. It enables easy bulk deletion of outdated or unnecessary images, ensuring your registry remains organized and performs optimally. This intuitive script simplifies image lifecycle management, providing peace of mind in fast-paced development environments. Enhance your Docker registry management experience with registry-clean.

2. Features

  • Handles Diverse Image Types: Deletes images with or without project names, images with multiple tags, and even non-existent images (reporting appropriately).
  • Safe Deletion: The script verifies the existence of images before deletion, preventing accidental removals.
  • Garbage Collection: Performs garbage collection after execution to reclaim disk space.

3. Docker Installation

Before proceeding, ensure Docker is installed and configured correctly.

4. Docker Configuration

bash 复制代码
$ cat /etc/docker/daemon.json
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "insecure-registries": ["registry.ghostwritten.com"],
  "live-restore": true,
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m",
    "max-file": "5"
  }
}

If using a proxy, modify the /usr/lib/systemd/system/docker.service.d/proxy.conf file:

bash 复制代码
$ cat /usr/lib/systemd/system/docker.service.d/proxy.conf
[Service]
Environment="HTTP_PROXY=http://192.168.21.101:7890"
Environment="HTTPS_PROXY=http://192.168.21.101:7890"
Environment="NO_PROXY=localhost,127.0.0.1,.coding.net,.tencentyun.com,.myqcloud.com,*.bsgchina.com"

After configuration changes, run the following command:

bash 复制代码
$ sudo systemctl daemon-reload && sudo systemctl restart docker

5. DNS Configuration

To access the private image registry registry.ghostwritten.com, configure DNS resolution.

Server-side (192.168.21.25) Configuration: Modify the /etc/unbound/unbound.conf file, adding the following (adjust IP address as needed):

bash 复制代码
$ cat /etc/unbound/unbound.conf
...
local-data: "registry.ghostwritten.com A 192.168.21.25"
local-data-ptr: "192.168.21.25 registry.ghostwritten.com"
...

Restart the Unbound service:

bash 复制代码
$ sudo systemctl restart unbound

Client-side Configuration: Ensure the /etc/resolv.conf file points to the correct DNS server (e.g., your server at 192.168.21.2):

bash 复制代码
$ cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.21.2

6. Deploying the Registry

Deploy the Docker Registry and enable image deletion:

bash 复制代码
$ docker run -d --restart=always --name registry -p 80:5000 -e REGISTRY_COMPATIBILITY_SCHEMA1_ENABLED=true -e REGISTRY_STORAGE_DELETE_ENABLED=true -v /data/registry:/var/lib/registry registry:latest

Note: Create the /data/registry directory beforehand and ensure the Docker container has write permissions.

7. Registry API Management

The Docker Registry provides a RESTful API for image management. Here are some examples:

  • List Image Tags:
bash 复制代码
$ curl -s 'http://registry.ghostwritten.com/v2/registry/tags/list' | jq .
# Example output: {"name": "registry", "tags": ["latest"]}
  • Get Image Manifest:
bash 复制代码
$ curl -I -X GET 'http://registry.ghostwritten.com/v2/registry/manifests/latest'
# (HTTP response headers will be displayed here)
  • Delete Image (Using Digest): Direct tag deletion might fail; use the digest instead. First, obtain the image digest using docker inspect:
bash 复制代码
$ curl -I -X DELETE http://registry.ghostwritten.com/v2/registry/manifests/latest
# (HTTP response headers - likely a 400 error)

$ docker inspect registry.ghostwritten.com/registry:latest | jq -r '.[0].RepoDigests[]' | grep registry.ghostwritten.com | awk -F '@' '{print $2}'
# Output: (SHA256 digest)

$ curl -I -X GET 'http://registry.ghostwritten.com/v2/registry/manifests/<SHA256_digest>'
# (HTTP response headers)

$ curl -I -X DELETE 'http://registry.ghostwritten.com/v2/registry/manifests/<SHA256_digest>'
# (HTTP response headers - likely a 202 Accepted)

$ curl -s 'http://registry.ghostwritten.com/v2/_catalog' | jq .
# Example output: {"repositories": ["library/busybox", "registry"]}

$ curl -q -s 'http://registry.ghostwritten.com/v2/registry/tags/list' | jq .
# Example output: {"name": "registry", "tags": [] or ["latest"]}

$ rm -rf /data/registry/docker/registry/v2/repositories/registry

$ curl -q -s http://registry.ghostwritten.com/v2/_catalog | jq .
# Example output: {"repositories": ["library/busybox"]}

Pushing an image:

bash 复制代码
$ docker push registry.ghostwritten.com/registry:latest
# (Docker push output)

Checking image tags:

bash 复制代码
$ curl -q -s 'http://registry.ghostwritten.com/v2/registry/tags/list' | jq .
# Example output: {"name": "registry", "tags": ["latest"]}

8. Bulk Image Cleanup

This section demonstrates a cleanup process. First, images are pushed to the registry. Future scenarios may need to handle various situations: images with or without project names, and images with multiple tags.

bash 复制代码
$ cat registry-images-push.sh
docker push registry.ghostwritten.com/demo/nginx:1.26
docker push registry.ghostwritten.com/demo/nginx:latest
docker push registry.ghostwritten.com/library/busybox:1.36.1
docker push registry.ghostwritten.com/registry:latest
docker push registry.ghostwritten.com/library/busybox:1.35.0

Push images to the registry:

bash 复制代码
$ sh registry-images-push.sh

Images to be deleted are listed in registry-images-clean.txt. This tests several deletion scenarios: deleting images with multiple tags, images without project names, and non-existent images.

bash 复制代码
$ cat registry-images-clean.txt
registry.ghostwritten.com/library/busybox:1.36.1
registry.ghostwritten.com/registry:latest
registry.ghostwritten.com/demo/nginx:1.26
registry.ghostwritten.com/demo/nginx:noexist

The registry-images-clean.sh script is used for bulk deletion of Docker images. It supports two modes: ls (list images) and rm (remove images).

Usage:

  1. Create registry-images-clean.txt: List images to delete, one per line (e.g., registry.ghostwritten.com/library/busybox:1.36.1).
  2. Run the script:
    • List images: ./registry-images-clean.sh ls
    • Remove images: ./registry-images-clean.sh rm

Check current registry images:

bash 复制代码
$ sh registry-images-clean.sh ls
# Output: (List of images and tags)

Delete images:

bash 复制代码
$ sh registry-images-clean.sh rm
# Output: (Messages indicating success or failure for each image deletion)

Check the registry again:

bash 复制代码
$ sh registry-images-clean.sh ls
# Output: (Updated list of images and tags)

9. Additional Resources

10. References

Remember to replace the outdated links with current, official documentation. The registry-images-clean.sh script provided needs significant improvement for robustness and error handling in a production environment.

相关推荐
运维老郭15 小时前
【K8s运维实战】Kubernetes临时存储卷实战:emptyDir核心用法与gitRepo弃用迁移指南
运维·云原生·kubernetes
珠海西格电力16 小时前
云边端协同架构:零碳园区管理系统的技术底座
大数据·运维·人工智能·算法·架构·能源
阿成学长_Cain16 小时前
Linux dirs命令详解|Bash目录堆栈管理快速切换目录实战教程
linux·运维·前端·数据库
小羊Yveesss17 小时前
2026年微信小程序后端怎么搭建?后台、数据、接口和运维怎么选
运维·微信小程序·小程序
想你依然心痛18 小时前
嵌入式Linux安全加固:SELinux、Capabilities与Seccomp——强制访问控制与沙箱
linux·运维·安全
AAA@峥19 小时前
容器数据不丢失:Docker 分层存储 + Volume 共享、备份迁移完整指南
运维·docker·容器
MDM.Plus19 小时前
苹果MDM技术演进:从远程控制到设备信任体系的构建
运维·服务器·安全·ios·mdm·手机店
REDcker20 小时前
macOS 挂载 Linux 远程目录详解
linux·运维·macos
2601_9615934220 小时前
Mac 上搭建Linux环境吗?VMware + CentOS Stream 9 镜像快速部署
linux·运维·ide·macos·centos
写代码的学渣20 小时前
Linux systemd 开机启动日志逐行详细解析报告
linux·运维·服务器