我如何使用Docker Registry API V2从私有registry中删除图像?
给定一个在localhost:5000的Dockerregistry ,如何使用Docker Registry HTTP API V2和curl来删除具有以下清单头文件和清单的busybox:latest :
derek@derekmahar-ubuntu-512mb-tor1-01:~/Projects/docker-registry$ curl --head --request GET http://localhost:5000/v2/busybox/manifests/latest HTTP/1.1 200 OK Content-Length: 2561 Content-Type: application/vnd.docker.distribution.manifest.v1+prettyjws Docker-Content-Digest: sha256:e45f25b1760f616e65f106b424f4ef29185fbd80822255d79dabc73b8eb715ad Docker-Distribution-Api-Version: registry/2.0 Etag: "sha256:e45f25b1760f616e65f106b424f4ef29185fbd80822255d79dabc73b8eb715ad" X-Content-Type-Options: nosniff Date: Wed, 04 May 2016 16:10:00 GMT derek@derekmahar-ubuntu-512mb-tor1-01:~/Projects/docker-registry$ curl --request GET http://localhost:5000/v2/busybox/manifests/latest { "schemaVersion": 1, "name": "busybox", "tag": "latest", "architecture": "amd64", "fsLayers": [ { "blobSum": "sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4" }, { "blobSum": "sha256:385e281300cc6d88bdd155e0931fbdfbb1801c2b0265340a40481ee2b733ae66" } ], "history": [ { "v1Compatibility": "{\"architecture\":\"amd64\",\"config\":{\"Hostname\":\"156e10b83429\",\"Domainname\":\"\",\"User\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":null,\"Cmd\":[\"sh\"],\"Image\":\"56ed16bd6310cca65920c653a9bb22de6b235990dcaa1742ff839867aed730e5\",\"Volumes\":null,\"WorkingDir\":\"\",\"Entrypoint\":null,\"OnBuild\":null,\"Labels\":{}},\"container\":\"5f8098ec29947b5bea80483cd3275008911ce87438fed628e34ec0c522665510\",\"container_config\":{\"Hostname\":\"156e10b83429\",\"Domainname\":\"\",\"User\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":null,\"Cmd\":[\"/bin/sh\",\"-c\",\"#(nop) CMD [\\\"sh\\\"]\"],\"Image\":\"56ed16bd6310cca65920c653a9bb22de6b235990dcaa1742ff839867aed730e5\",\"Volumes\":null,\"WorkingDir\":\"\",\"Entrypoint\":null,\"OnBuild\":null,\"Labels\":{}},\"created\":\"2016-03-18T18:22:48.810791943Z\",\"docker_version\":\"1.9.1\",\"id\":\"437595becdebaaaf3a4fc3db02c59a980f955dee825c153308c670610bb694e1\",\"os\":\"linux\",\"parent\":\"920777304d1d5e337bc59877253e946f224df5aae64c72538672eb74637b3c9e\"}" }, { "v1Compatibility": "{\"id\":\"920777304d1d5e337bc59877253e946f224df5aae64c72538672eb74637b3c9e\",\"created\":\"2016-03-18T18:22:48.262403239Z\",\"container_config\":{\"Cmd\":[\"/bin/sh -c #(nop) ADD file:47ca6e777c36a4cfffe3f918b64a445c8f32300deeb9dfa5cc47261bd7b75d21 in /\"]}}" } ], "signatures": [ { "header": { "jwk": { "crv": "P-256", "kid": "RVEO:MXL3:ZYLW:BFGB:QAKI:SIKZ:JOVR:U7AP:2LGY:4SSF:MSV4:LND7", "kty": "EC", "x": "ZFyhNUInMwlVmFKzz-e-o_tzMd01ZdCj6LyGV4dnT5Y", "y": "3a0BcWa0h60tTGHYhUI4ziKisRk6b4JtvqbmL9kKy6E" }, "alg": "ES256" }, "signature": "BVWioJafWmMrUBBi9meRy9CUQYdsZgwkY01ipT1HInXofVXCIZmNMq7EFEl4A88pMZsf7DHZS2dyFeFjj-QP1Q", "protected": "eyJmb3JtYXRMZW5ndGgiOjE5MTQsImZvcm1hdFRhaWwiOiJDbjAiLCJ0aW1lIjoiMjAxNi0wNS0wNFQxNjoxMzo0M1oifQ" } ] }
当我尝试DELETE图像摘要时,Docker Registry抱怨“HTTP 1.1”未find“和”MANIFEST_UNKNOWN“:
derek@derekmahar-ubuntu-512mb-tor1-01:~/Projects/docker-registry$ curl --request DELETE http://localhost:5000/v2/busybox/manifests/sha256:e45f25b1760f616e65f106b424f4ef29185fbd80822255d79dabc73b8eb715ad {"errors":[{"code":"MANIFEST_UNKNOWN","message":"manifest unknown"}]}
请注意:此API端点仅在更高版本的v2registry中实现!
有一个内部的垃圾回收过程,它删除registry中的图像,但不能通过v2registryAPI访问。 这个function看起来好像有很多最近的动作,所以这个信息可能会改变。
根据API规范,您必须获取图像摘要才能对其执行DELETE操作。 请仔细阅读该规范,并在请求正确的图像摘要时注意有关所需标题的部分(“注意:从registry2.3或更高版本删除清单时,必须在HEAD或GET清单获取时使用以下标题正确的摘要删除:Accept:application / vnd.docker.distribution.manifest.v2 + json“)
curl -v -u "user@example.com:passw0rd" -H "Accept: application/vnd.docker.distribution.manifest.v2+json" -X HEAD https://registry.example.com/v2/derek/busybox/manifests/latest
当你这样做的时候,你会特别注意Docker-Content-Digest标题。 在您的特定请求中,完整的标题如下所示:
Docker-Content-Digest: sha256:e45f25b1760f616e65f106b424f4ef29185fbd80822255d79dabc73b8eb715ad
现在使用该摘要,您应该能够将其插入到您所链接的API所描述的格式中:
DELETE /v2/<name>/manifests/<reference>
要使用上面我使用的例子,但是使用摘要,curl看起来像这样:
curl -u "user@example.com:passw0rd" -X DELETE https://registry.example.com/v2/derek/busybox/manifests/sha256:e45f25b1760f616e65f106b424f4ef29185fbd80822255d79dabc73b8eb715ad
那么你应该得到一个202 Accepted响应代码表示成功删除。
您也可以从这个要点中尝试简短的脚本:
registry='localhost:5000' name='my-image' curl -v -sSL -X DELETE "http://${registry}/v2/${name}/manifests/$( curl -sSL -I \ -H "Accept: application/vnd.docker.distribution.manifest.v2+json" \ "http://${registry}/v2/${name}/manifests/$( curl -sSL "http://${registry}/v2/${name}/tags/list" | jq -r '.tags[0]' )" \ | awk '$1 == "Docker-Content-Digest:" { print $2 }' \ | tr -d $'\r' \ )"
您可能还需要在configuration文件中启用删除。