容器技术之Docker私有镜像仓库docker-distribution
在前边的博客中我们说到docker的架构由docker客户端、服务端以及仓库组成;docker仓库就是用来存放镜像的地方;其实docker registry我们理解为存放docker镜像仓库的仓库比较准确吧;因为docker的镜像仓库通常是把同一类的镜像用不同的版本来区别,而registry则是用来存放这些仓库的仓库;默认安装docker都是从dockerhub镜像仓库下载镜像;其实在生产环境中,我们很少去公有仓库上下载镜像,原因之一是公有仓库中的镜像在生产环境中使用,有些不适配,通常我们是去公有仓库下载基础镜像,然后基于基础镜像构建适合自己生产环境中的镜像;其次公有仓库镜像有很多都不是安全的镜像,这么说吧,我们不确定自己下载的镜像是否有后门,是否有挖矿代码,所以基于种种因素,我们还是有必要搭建自己私有的镜像仓库;今天我们就来聊一聊docker的私有镜像仓库的搭建;
1、查看docker-distribution包简介
[root@docker_registry ~]# yum info docker-distribution
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Available Packages
Name : docker-distribution
Arch : x86_64
Version : 2.6.2
Release : 2.git48294d9.el7
Size : 3.5 M
Repo : extras/7/x86_64
Summary : Docker toolset to pack, ship, store, and deliver content
URL : https://github.com/docker/distribution
License : ASL 2.0
Description : Docker toolset to pack, ship, store, and deliver content [root@docker_registry ~]#
提示:docker-distribution这个包就是提供简单仓库服务软件实现;
2、安装docker-distribution
[root@docker_registry ~]# yum install -y docker-distribution
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Resolving Dependencies
There are unfinished transactions remaining. You might consider running yum-complete-transaction, or "yum-complete-transaction --cleanup-only" and "yum history redo last", first to finish them. If those don't work you'll have to try removing/installing packages by hand (maybe package-cleanup can help).
The program yum-complete-transaction is found in the yum-utils package.
--> Running transaction check
---> Package docker-distribution.x86_64 0:2.6.2-2.git48294d9.el7 will be installed
--> Finished Dependency Resolution Dependencies Resolved ===================================================================================================================
Package Arch Version Repository Size
===================================================================================================================
Installing:
docker-distribution x86_64 2.6.2-2.git48294d9.el7 extras 3.5 M Transaction Summary
===================================================================================================================
Install 1 Package Total download size: 3.5 M
Installed size: 12 M
Downloading packages:
docker-distribution-2.6.2-2.git48294d9.el7.x86_64.rpm | 3.5 MB 00:00:03
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : docker-distribution-2.6.2-2.git48294d9.el7.x86_64 1/1
Verifying : docker-distribution-2.6.2-2.git48294d9.el7.x86_64 1/1 Installed:
docker-distribution.x86_64 0:2.6.2-2.git48294d9.el7 Complete!
[root@docker_registry ~]#
3、查看docker-distribution安装了那些文件
[root@docker_registry ~]# rpm -ql docker-distribution
/etc/docker-distribution/registry/config.yml
/usr/bin/registry
/usr/lib/systemd/system/docker-distribution.service
/usr/share/doc/docker-distribution-2.6.2
/usr/share/doc/docker-distribution-2.6.2/AUTHORS
/usr/share/doc/docker-distribution-2.6.2/CONTRIBUTING.md
/usr/share/doc/docker-distribution-2.6.2/LICENSE
/usr/share/doc/docker-distribution-2.6.2/MAINTAINERS
/usr/share/doc/docker-distribution-2.6.2/README.md
/var/lib/registry
[root@docker_registry ~]#
提示:/etc/docker-distribution/registry/config.yml这个文件用于配置registry的配置文件;/usr/bin/registry是二进制应用程序;/usr/lib/systemd/system/docker-distribution.service 这个文件是docker-distribution的unit file;/var/lib/registry这个目录用于存放我们上传到registry上的镜像存放地;
4、查看配置文件
[root@docker_registry ~]# cat /etc/docker-distribution/registry/config.yml
version: 0.1
log:
fields:
service: registry
storage:
cache:
layerinfo: inmemory
filesystem:
rootdirectory: /var/lib/registry
http:
addr: :5000
[root@docker_registry ~]#
提示:这个配置文件是一个yml语法的配置文件,从上面的信息可以看到,默认情况docker-distribution监听在tcp的5000端口;存放镜像的目录是/var/lib/registry/目录下;
5、启动docker-distribution
[root@docker_registry ~]# systemctl start docker-distribution
[root@docker_registry ~]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 128 :::5000 :::*
[root@docker_registry ~]#
提示:可以看到5000端口已经处于监听状态了;到此docker-distribution就启动起来了;这个仓库服务很简陋,没有用户认证功能,默认是基于http通信而非https,所以从某些角度讲,不是一个安全的仓库;所以一般不见在互联网上使用,在自己的内外环境中可以使用;
这里补充一点,docker的镜像通常是 registry地址加repository名称加版本这三部分组成,registry可以是域名,可以是ip地址加端口,也可以说域名加端口,默认https是443端口,http是80端口,如果不写端口默认是443而非80(原因是docker默认不支持从http协议的仓库下载/上传镜像);例如 quay.io/coreos/flannel:v0.12.0-s390x 从这个镜像名我们就可以知道registry是https://quay.io;repository名称为coreos/flannel 版本是v0.12.0-s390x;
示例:下载第三方仓库镜像到本地
提示:可以看到下载下来的镜像名称就是我们刚才说的registry+repository+版本;从上面的信息我们可以总结一点,docker镜像的名称(标签)反应了该镜像来自哪个registry的那个仓库;所以我们要下载私有镜像仓库中的镜像就需要把加上私有registry的名称或地址+repository+版本来下载私有镜像仓库中的镜像;同理上传镜像也需要写明上传到那个registry中的那个repository中去;
示例:上传本地镜像到私有仓库
提示:要把本地仓库镜像传到私有仓库中去,首先我们要把本地镜像打一个新的标签,按照我们刚才上面说的逻辑,然后在上传新打到标签的镜像到私有仓库就可以了;从上面的信息我们看到当我们打好标签后,上传镜像时报错了,提示我们仓库不是https的;默认情况docker不支持http明文上传/下载镜像;如果我们非要用http上传下载镜像我们需要在配置文件中明确的告诉docker非安全仓库地址;
配置docker支持私有仓库上传下载镜像
[root@docker_registry ~]# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com","https://cyr1uljt.mirror.aliyuncs.com"],
"insecure-registries": ["192.168.0.99:5000"]
} [root@docker_registry ~]# systemctl daemon-reload
[root@docker_registry ~]# systemctl restart docker
提示:我们通过在配置文件中配置insecure-registries来告诉docker192.168.0.99:5000这个registry是不安全的,但是我们信任这个仓库,大概就是这个意思嘛;这里需要注意点通常我们是写主机名然后配合hosts文件来解析的方式来对registry解析;从而把镜像命名为主机名+仓库名+版本的形式;如下所示;这里还需要注意一点insecure-registries后面的列表中的仓库如果是域名加端口,域名不能有下划线(“_”),否则重启docker会起不来;
[root@docker_registry ~]# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com","https://cyr1uljt.mirror.aliyuncs.com"],
"insecure-registries": ["192.168.0.99:5000","docker-registry.io:5000"] }
[root@docker_registry ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.99 docker-registry.io registry
192.168.0.22 docker-node01.io node01
192.168.0.23 docker-node02.io node02
[root@docker_registry ~]# systemctl restart docker
[root@docker_registry ~]# docker info
Client:
Debug Mode: false Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 1
Server Version: 19.03.11
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 7ad184331fa3e55e52b890ea95e65ba581ae3429
runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-693.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 1.785GiB
Name: docker_registry
ID: R34V:IG2F:23I6:6WG6:FFQ4:75SV:3UKZ:RFH7:DGCO:QS7V:CS7K:NSH6
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
192.168.0.99:5000
docker-registry.io:5000
127.0.0.0/8
Registry Mirrors:
https://registry.docker-cn.com/
https://cyr1uljt.mirror.aliyuncs.com/
Live Restore Enabled: false [root@docker_registry ~]#
提示:重启docker后,如果在docker info 中能够看到我们配置的内容说明配置生效了;现在我们再来传我们新打的标签的镜像,看看是否能够传到我们的私有仓库呢?
[root@docker_registry ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker-registry.io:5000/centos 7 b5b4d78bc90c 4 weeks ago 203MB
centos 7 b5b4d78bc90c 4 weeks ago 203MB
192.168.0.99:5000/flannel v0.12.0-s390x 57eade024bfb 2 months ago 56.9MB
quay.io/coreos/flannel v0.12.0-s390x 57eade024bfb 2 months ago 56.9MB
[root@docker_registry ~]# docker push 192.168.0.99:5000/flannel:v0.12.0-s390x
The push refers to repository [192.168.0.99:5000/flannel]
b67de7789e55: Pushed
4c4bfa1b47e6: Pushed
3b7ae8a9c323: Pushed
fbd88a276dca: Pushed
271ca11ef489: Pushed
1f106b41b4d6: Pushed
v0.12.0-s390x: digest: sha256:3ce5b8d40451787e1166bf6b207c7834c13f7a0712b46ddbfb591d8b5906bfa6 size: 1579
[root@docker_registry ~]# docker push docker-registry.io:5000/centos:7
The push refers to repository [docker-registry.io:5000/centos]
edf3aa290fb3: Pushed
7: digest: sha256:c2f1d5a9c0a81350fa0ad7e1eee99e379d75fe53823d44b5469eb2eb6092c941 size: 529
[root@docker_registry ~]#
提示:可以看到我们上传的两个镜像都完成了上传没有报错,接下来我们去/var/lib/registry/这个目录,看看是否有这两个镜像相关目录?
[root@docker_registry ~]# tree /var/lib/registry/
/var/lib/registry/
└── docker
└── registry
└── v2
├── blobs
│ └── sha256
│ ├── 13
│ │ └── 13b80a37370b57f558a2e06092c39224e5d1ebac50e48df0afdeb43cf2303e60
│ │ └── data
│ ├── 17
│ │ └── 176bad61a3a435da03ec603d2bd8f7a69286d92f21f447b17f21f0bc4e085bde
│ │ └── data
│ ├── 1b
│ │ └── 1b56fbc8a8e10830867455c0794a70f5469c154cdc013554daf501aeda3f30fe
│ │ └── data
│ ├── 26
│ │ └── 266247e2e603e1c840f97cb4d97a08b9184344e9802966cb42c93d21c407839f
│ │ └── data
│ ├── 3c
│ │ └── 3ce5b8d40451787e1166bf6b207c7834c13f7a0712b46ddbfb591d8b5906bfa6
│ │ └── data
│ ├── 42
│ │ └── 42d8e66fa893de4beb5d136b787cf182b24b7f4972c4212b9493b661ad1d7e85
│ │ └── data
│ ├── 52
│ │ └── 524b0c1e57f8ee5fee01a1decba2f301c324a6513ca3551021264e3aa7341ebc
│ │ └── data
│ ├── 57
│ │ └── 57eade024bfbd48c45ef2bad996c4d6a0fa41b692247294745265af738066813
│ │ └── data
│ ├── 85
│ │ └── 85ecb68de4693bb4093d923f6d1062766e4fa7cbb3bf456a2bc19dd3e6c5e6c6
│ │ └── data
│ ├── b5
│ │ └── b5b4d78bc90ccd15806443fb881e35b5ddba924e2f475c1071a38a3094c3081d
│ │ └── data
│ └── c2
│ └── c2f1d5a9c0a81350fa0ad7e1eee99e379d75fe53823d44b5469eb2eb6092c941
│ └── data
└── repositories
├── centos
│ ├── _layers
│ │ └── sha256
│ │ ├── 524b0c1e57f8ee5fee01a1decba2f301c324a6513ca3551021264e3aa7341ebc
│ │ │ └── link
│ │ └── b5b4d78bc90ccd15806443fb881e35b5ddba924e2f475c1071a38a3094c3081d
│ │ └── link
│ ├── _manifests
│ │ ├── revisions
│ │ │ └── sha256
│ │ │ └── c2f1d5a9c0a81350fa0ad7e1eee99e379d75fe53823d44b5469eb2eb6092c941
│ │ │ └── link
│ │ └── tags
│ │ └── 7
│ │ ├── current
│ │ │ └── link
│ │ └── index
│ │ └── sha256
│ │ └── c2f1d5a9c0a81350fa0ad7e1eee99e379d75fe53823d44b5469eb2eb6092c941
│ │ └── link
│ └── _uploads
└── flannel
├── _layers
│ └── sha256
│ ├── 13b80a37370b57f558a2e06092c39224e5d1ebac50e48df0afdeb43cf2303e60
│ │ └── link
│ ├── 176bad61a3a435da03ec603d2bd8f7a69286d92f21f447b17f21f0bc4e085bde
│ │ └── link
│ ├── 1b56fbc8a8e10830867455c0794a70f5469c154cdc013554daf501aeda3f30fe
│ │ └── link
│ ├── 266247e2e603e1c840f97cb4d97a08b9184344e9802966cb42c93d21c407839f
│ │ └── link
│ ├── 42d8e66fa893de4beb5d136b787cf182b24b7f4972c4212b9493b661ad1d7e85
│ │ └── link
│ ├── 57eade024bfbd48c45ef2bad996c4d6a0fa41b692247294745265af738066813
│ │ └── link
│ └── 85ecb68de4693bb4093d923f6d1062766e4fa7cbb3bf456a2bc19dd3e6c5e6c6
│ └── link
├── _manifests
│ ├── revisions
│ │ └── sha256
│ │ └── 3ce5b8d40451787e1166bf6b207c7834c13f7a0712b46ddbfb591d8b5906bfa6
│ │ └── link
│ └── tags
│ └── v0.12.0-s390x
│ ├── current
│ │ └── link
│ └── index
│ └── sha256
│ └── 3ce5b8d40451787e1166bf6b207c7834c13f7a0712b46ddbfb591d8b5906bfa6
│ └── link
└── _uploads 65 directories, 26 files
[root@docker_registry ~]#
提示:可以看到对应目录下有两个子目录就是以我们上传的镜像名称命名的;
示例:查看私有仓库中存在的进行列表
[root@docker_registry ~]# curl docker-registry.io:5000/v2/_catalog
{"repositories":["centos","flannel"]}
[root@docker_registry ~]#
示例:下载私有仓库中的镜像到本地
[root@docker_node01 ~]# ip a l ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:22:36:7f brd ff:ff:ff:ff:ff:ff
inet 192.168.0.22/24 brd 192.168.0.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe22:367f/64 scope link
valid_lft forever preferred_lft forever
[root@docker_node01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
linux1874/myimg v0.1 e408b1c6e04f 2 weeks ago 1.22MB
wordpress latest c3fa1c8546fb 5 weeks ago 540MB
mysql 5.7 f965319e89de 5 weeks ago 448MB
alpine v3 f70734b6a266 6 weeks ago 5.61MB
nginx 1.14-alpine 8a2fb25a19f5 14 months ago 16MB
httpd 2.4.37-alpine dfd436f9a5d8 17 months ago 91.8MB
[root@docker_node01 ~]# docker pull 192.168.0.99:5000/flannel:v0.12.0-s390x
v0.12.0-s390x: Pulling from flannel
176bad61a3a4: Pull complete
13b80a37370b: Pull complete
42d8e66fa893: Pull complete
266247e2e603: Pull complete
1b56fbc8a8e1: Pull complete
85ecb68de469: Pull complete
Digest: sha256:3ce5b8d40451787e1166bf6b207c7834c13f7a0712b46ddbfb591d8b5906bfa6
Status: Downloaded newer image for 192.168.0.99:5000/flannel:v0.12.0-s390x
192.168.0.99:5000/flannel:v0.12.0-s390x
[root@docker_node01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
linux1874/myimg v0.1 e408b1c6e04f 2 weeks ago 1.22MB
wordpress latest c3fa1c8546fb 5 weeks ago 540MB
mysql 5.7 f965319e89de 5 weeks ago 448MB
alpine v3 f70734b6a266 6 weeks ago 5.61MB
192.168.0.99:5000/flannel v0.12.0-s390x 57eade024bfb 2 months ago 56.9MB
nginx 1.14-alpine 8a2fb25a19f5 14 months ago 16MB
httpd 2.4.37-alpine dfd436f9a5d8 17 months ago 91.8MB
[root@docker_node01 ~]#
提示:下载私有仓库中的镜像,默认情况docker也是不支持直接访问http协议的仓库,需要我们手动去配置insecure-registries,然后重启docker才可以;
示例:删除私有仓库中的镜像
1、获取对应镜像的sha256的值 curl --header "Accept:application/vnd.docker.distribution.manifest.v2+json" -I -X GET http://<registry addr>/v2/<image name>/manifests/<image tag>
2、删除对应镜像版本元数据 curl -I -X DELETE http://<registry addr>/v2/<image name>/manifests/<image digest>
提示:如果响应405方法不被允许;我们需要修改私有仓库的配置文件,将其配置为允许删除;如下
[root@docker_registry ~]# cat /etc/docker-distribution/registry/config.yml
version: 0.1
log:
fields:
service: registry
storage:
delete:
enabled: true
cache:
layerinfo: inmemory
filesystem:
rootdirectory: /var/lib/registry
http:
addr: :5000
[root@docker_registry ~]# systemctl restart docker-distribution
[root@docker_registry ~]# curl -IX DELETE http://docker-registry.io:5000/v2/centos/manifests/sha256:c2f1d5a9c0a81350fa0ad7e1eee99e379d75fe53823d44b5469eb2eb6092c941
HTTP/1.1 202 Accepted
Docker-Distribution-Api-Version: registry/2.0
Date: Sat, 06 Jun 2020 19:55:52 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8 [root@docker_registry ~]#
提示:degest值包含"sha256:"
3、垃圾回收清理
[root@docker_registry ~]# registry garbage-collect /etc/docker-distribution/registry/config.yml
centos
flannel
flannel: marking manifest sha256:3ce5b8d40451787e1166bf6b207c7834c13f7a0712b46ddbfb591d8b5906bfa6
flannel: marking blob sha256:57eade024bfbd48c45ef2bad996c4d6a0fa41b692247294745265af738066813
flannel: marking blob sha256:176bad61a3a435da03ec603d2bd8f7a69286d92f21f447b17f21f0bc4e085bde
flannel: marking blob sha256:13b80a37370b57f558a2e06092c39224e5d1ebac50e48df0afdeb43cf2303e60
flannel: marking blob sha256:42d8e66fa893de4beb5d136b787cf182b24b7f4972c4212b9493b661ad1d7e85
flannel: marking blob sha256:266247e2e603e1c840f97cb4d97a08b9184344e9802966cb42c93d21c407839f
flannel: marking blob sha256:1b56fbc8a8e10830867455c0794a70f5469c154cdc013554daf501aeda3f30fe
flannel: marking blob sha256:85ecb68de4693bb4093d923f6d1062766e4fa7cbb3bf456a2bc19dd3e6c5e6c6
myweb
myweb: marking manifest sha256:aaf04cf567a776e36eb3b0bafaec17ed8d9e0a743bdb897dca13f251250ae493
myweb: marking blob sha256:4f406abeaab7f848178867409142090d1a551b22b968be6a6dae733c8403738e
myweb: marking blob sha256:524b0c1e57f8ee5fee01a1decba2f301c324a6513ca3551021264e3aa7341ebc
myweb: marking blob sha256:c941076f9075280c41b502283f37ab8bafef3a66f4a7ba299838dce07641a48d
test
test: marking manifest sha256:5ecad23ab8a52e55f93968f708d325261032dd613287aec92e7cf8ddd6426635
test: marking blob sha256:370e3a843c3cb12700301e3f87f929939146cd8b676260bedcd83aaa7fcc2939
test: marking blob sha256:524b0c1e57f8ee5fee01a1decba2f301c324a6513ca3551021264e3aa7341ebc
test: marking manifest sha256:da8b53210bf1f4dc4873bbd5589abad616663cda45205ae3a4fffb0729d2730d
test: marking blob sha256:461f6ceabc885e2e90b5f9ee82aefc9a30a39510c40e7cd8fb7436a4d340fe1d
test: marking blob sha256:524b0c1e57f8ee5fee01a1decba2f301c324a6513ca3551021264e3aa7341ebc
test: marking blob sha256:035e026f1d6b0acba3413ba616dcbabf75d20e945778c52716e601255452b7b7 17 blobs marked, 2 blobs eligible for deletion
blob eligible for deletion: sha256:b5b4d78bc90ccd15806443fb881e35b5ddba924e2f475c1071a38a3094c3081d
INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/b5/b5b4d78bc90ccd15806443fb881e35b5ddba924e2f475c1071a38a3094c3081d go.version=go1.9.4 instance.id=b3029d7f-99e8-4941-8c87-989514b584ea
blob eligible for deletion: sha256:c2f1d5a9c0a81350fa0ad7e1eee99e379d75fe53823d44b5469eb2eb6092c941
INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/c2/c2f1d5a9c0a81350fa0ad7e1eee99e379d75fe53823d44b5469eb2eb6092c941 go.version=go1.9.4 instance.id=b3029d7f-99e8-4941-8c87-989514b584ea
[root@docker_registry ~]#
测试:下载docker-registry.io:5000/centos:7 看看是否还能下载?
[root@docker_node01 ~]# docker pull 192.168.0.99:5000/centos:7
Error response from daemon: manifest for 192.168.0.99:5000/centos:7 not found: manifest unknown: manifest unknown
[root@docker_node01 ~]#
提示:以上提示告诉我们没有对应镜像的元数据信息;说明我们私有仓库没有对应镜像;以上方法适合精准删除某个镜像的某个版本,如果是删除一个仓库,直接删除 /var/lib/registry/docker/registry/v2/repositories/下对应仓库的目录,然后在用registry命令做垃圾回收;如下
[root@docker_registry ~]# ll /var/lib/registry/docker/registry/v2/repositories/
total 0
drwxr-xr-x 5 root root 55 Jun 6 14:16 centos
drwxr-xr-x 5 root root 55 Jun 6 14:15 flannel
drwxr-xr-x 5 root root 55 Jun 6 15:25 myweb
drwxr-xr-x 5 root root 55 Jun 6 15:24 test
[root@docker_registry ~]# rm -rf /var/lib/registry/docker/registry/v2/repositories/test
[root@docker_registry ~]# rm -rf /var/lib/registry/docker/registry/v2/repositories/myweb
[root@docker_registry ~]# ll /var/lib/registry/docker/registry/v2/repositories/
total 0
drwxr-xr-x 5 root root 55 Jun 6 14:16 centos
drwxr-xr-x 5 root root 55 Jun 6 14:15 flannel
[root@docker_registry ~]# registry garbage-collect /etc/docker-distribution/registry/config.yml
centos
flannel
flannel: marking manifest sha256:3ce5b8d40451787e1166bf6b207c7834c13f7a0712b46ddbfb591d8b5906bfa6
flannel: marking blob sha256:57eade024bfbd48c45ef2bad996c4d6a0fa41b692247294745265af738066813
flannel: marking blob sha256:176bad61a3a435da03ec603d2bd8f7a69286d92f21f447b17f21f0bc4e085bde
flannel: marking blob sha256:13b80a37370b57f558a2e06092c39224e5d1ebac50e48df0afdeb43cf2303e60
flannel: marking blob sha256:42d8e66fa893de4beb5d136b787cf182b24b7f4972c4212b9493b661ad1d7e85
flannel: marking blob sha256:266247e2e603e1c840f97cb4d97a08b9184344e9802966cb42c93d21c407839f
flannel: marking blob sha256:1b56fbc8a8e10830867455c0794a70f5469c154cdc013554daf501aeda3f30fe
flannel: marking blob sha256:85ecb68de4693bb4093d923f6d1062766e4fa7cbb3bf456a2bc19dd3e6c5e6c6 8 blobs marked, 9 blobs eligible for deletion
blob eligible for deletion: sha256:370e3a843c3cb12700301e3f87f929939146cd8b676260bedcd83aaa7fcc2939
INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/37/370e3a843c3cb12700301e3f87f929939146cd8b676260bedcd83aaa7fcc2939 go.version=go1.9.4 instance.id=1a15f1e7-194f-4a82-b79d-9f437d975f6e
blob eligible for deletion: sha256:524b0c1e57f8ee5fee01a1decba2f301c324a6513ca3551021264e3aa7341ebc
INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/52/524b0c1e57f8ee5fee01a1decba2f301c324a6513ca3551021264e3aa7341ebc go.version=go1.9.4 instance.id=1a15f1e7-194f-4a82-b79d-9f437d975f6e
blob eligible for deletion: sha256:5ecad23ab8a52e55f93968f708d325261032dd613287aec92e7cf8ddd6426635
INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/5e/5ecad23ab8a52e55f93968f708d325261032dd613287aec92e7cf8ddd6426635 go.version=go1.9.4 instance.id=1a15f1e7-194f-4a82-b79d-9f437d975f6e
blob eligible for deletion: sha256:aaf04cf567a776e36eb3b0bafaec17ed8d9e0a743bdb897dca13f251250ae493
INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/aa/aaf04cf567a776e36eb3b0bafaec17ed8d9e0a743bdb897dca13f251250ae493 go.version=go1.9.4 instance.id=1a15f1e7-194f-4a82-b79d-9f437d975f6e
blob eligible for deletion: sha256:035e026f1d6b0acba3413ba616dcbabf75d20e945778c52716e601255452b7b7
INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/03/035e026f1d6b0acba3413ba616dcbabf75d20e945778c52716e601255452b7b7 go.version=go1.9.4 instance.id=1a15f1e7-194f-4a82-b79d-9f437d975f6e
blob eligible for deletion: sha256:461f6ceabc885e2e90b5f9ee82aefc9a30a39510c40e7cd8fb7436a4d340fe1d
INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/46/461f6ceabc885e2e90b5f9ee82aefc9a30a39510c40e7cd8fb7436a4d340fe1d go.version=go1.9.4 instance.id=1a15f1e7-194f-4a82-b79d-9f437d975f6e
blob eligible for deletion: sha256:4f406abeaab7f848178867409142090d1a551b22b968be6a6dae733c8403738e
INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/4f/4f406abeaab7f848178867409142090d1a551b22b968be6a6dae733c8403738e go.version=go1.9.4 instance.id=1a15f1e7-194f-4a82-b79d-9f437d975f6e
blob eligible for deletion: sha256:c941076f9075280c41b502283f37ab8bafef3a66f4a7ba299838dce07641a48d
INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/c9/c941076f9075280c41b502283f37ab8bafef3a66f4a7ba299838dce07641a48d go.version=go1.9.4 instance.id=1a15f1e7-194f-4a82-b79d-9f437d975f6e
blob eligible for deletion: sha256:da8b53210bf1f4dc4873bbd5589abad616663cda45205ae3a4fffb0729d2730d
INFO[0000] Deleting blob: /docker/registry/v2/blobs/sha256/da/da8b53210bf1f4dc4873bbd5589abad616663cda45205ae3a4fffb0729d2730d go.version=go1.9.4 instance.id=1a15f1e7-194f-4a82-b79d-9f437d975f6e
[root@docker_registry ~]#
提示:这种方式比较粗暴简单,通常是一个仓库里只有一个版本镜像可以使用这种方式删除,如果一个仓库有多个版本,那么还是建议使用第一种方式;
容器技术之Docker私有镜像仓库docker-distribution的更多相关文章
- 基于 registry 搭建 Docker 私有镜像仓库
今天主要介绍使用 registry 来搭建 Docker私有镜像仓库,方便在公司内部项目中使用,registry 也是 Docker 官方提供的一个镜像,操作也很简单. dockerhub: http ...
- 容器技术之Docker私有镜像仓库harbor
前文我们聊到了docker的私有镜像仓库docker-distribution的搭建和简单的使用,回顾请参考https://www.cnblogs.com/qiuhom-1874/p/13058338 ...
- 使用Nexus3构建Docker私有镜像仓库
一.安装Nexus3 Nexus3是Sonatype提供的仓库管理平台,Nuexus Repository OSS3能够支持Maven.npm.Docker.YUM.Helm等格式数据的存储和发布:并 ...
- Docker 私有镜像仓库的搭建及认证
DockerHub 为我们提供了很多官方镜像和个人上传的镜像,我们可以下载机构或个人提供的镜像,也可以上传我们自己的本地镜像,但缺点是: 由于网络的原因,从 DockerHub 下载和上传镜像速度可能 ...
- Docker私有镜像仓库
使用阿里云加速: tee /etc/docker/daemon.json << 'EOF' { "registry-mirrors": [ "https:// ...
- 使用harborv1.8.0-rc1 搭建docker私有镜像仓库
概述 搭建一个私有仓库 harbor介绍 harbor是一个开源的docker容器仓库,由下面几个组件组成 + proxy:用来接收docker客户端和浏览器端的请求,并且把请求转发给后端的服务 + ...
- 搭建docker 私有镜像仓库
前期准备 服务器:centos 7.3 docker-ce: 18.06.1-ce docker-compose: 1.22.0 docker 安装 首先,更新系统 yum update yum up ...
- Docker私有镜像仓库Harbor
一.安装Harbor(离线安装包的方式安装) 1.解压离线包 2.进入harbor目录中编辑harbor.yml 3.安装docker-compose yum -y install docker-co ...
- 【Linux】【Services】【SaaS】Docker+kubernetes(7. 安装Docker私有镜像仓库)
1. 简介 1.1. 自己做个私有镜像,方便上传和下载,我也在docker官网注册了一个账号,做好的镜像可以传上去 1.2. Redhat自带私有镜像的功能,需要安装包,这是howto: https: ...
随机推荐
- ql的python学习之路-day13
前言:本节主要学习模块 一.模块的定义 模块:本质是.py结尾的python文件(文件名:test.py,对应的模块是:test),用来从逻辑上组织python代码(变量.函数.类.逻辑,本质是实现一 ...
- 【雕爷学编程】Arduino动手做(47)---七段LED数码管模块
37款传感器与模块的提法,在网络上广泛流传,其实Arduino能够兼容的传感器模块肯定是不止37种的.鉴于本人手头积累了一些传感器和模块,依照实践(动手试试)出真知的理念,以学习和交流为目的,这里准备 ...
- 二、YARN
一.YARN 介绍 yarn 是下一代 MapReduce,即 MRv2,是在第一代 MapReduce 基础上演变而来的,主要是为了解决原始 Hadoop 扩展性较差,不支持多计算框架而提出的,通俗 ...
- css概述四
八.文本格式化 2.文本属性 ①文本颜色 color:合法的颜色值 ②文本对齐方式 text-align: 取值 left/center/right/justify 注意 1.一个元素写了text- ...
- 王艳 201771010127《面向对象程序设计(java)》第十八周学习总结
实验十八 总复习 实验时间 2018-12-30 1.实验目的与要求 (1) 综合掌握java基本程序结构: (2) 综合掌握java面向对象程序设计特点: (3) 综合掌握java GUI 程序设 ...
- Redis学习笔记(十五)Sentinel(哨兵)(中)
上一篇 我们模拟了单机器下哨兵模式的搭建,那么接下来我们看下哨兵模式的实现与工作. 为什么又分成两篇呢?因为篇幅太长(偷懒),再一个这篇主要说的是Sentinel的初始化以及信息交换,下一篇着重说下状 ...
- MySQL浮点数和定点数
MySQL 分为两种方式:浮点数和定点数.浮点数包括 float(单精度)和 double(双精度),而定点数则只有 decimal 一种表示.定点数在 MySQL 内部以字符串形式存放,比浮点数更精 ...
- web自动化的一些基础知识
selenium 原理 就是通过webdriver 给浏览器的驱动发送命令,打开浏览器,建立http通信请求 然后通过发送各种命令让浏览器进而执行各种操作 xpath 语法 #xpath定位总结:'' ...
- pycharm激活码,亲测有效
PyCharm是由著名的JetBrains公司所打造的一款功能强大的Python IDE,它具有一般IDE都具备的功能, 并且使用起来非常方便好用.最近需求PyCharm激活码的网友非常多,就在这里给 ...
- Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.26/images/j..........
如果你在执行 docker images 出现这样的问题 注意:把你的用户切到root下