docker

关注公众号 jb51net

关闭
首页 > 网站技巧 > 服务器 > 云和虚拟化 > docker > Docker Registry定期清理

Docker Registry定期清理方式

作者:mofei12138

Docker Registry因镜像堆积需定期清理,可通过配置文件开启删除、调用API、执行garbage-collect命令或Python脚本保留最新版本,并设置crontab定时任务自动化处理

背景

项目在持续部署过程中会push镜像到Registry中,随着时间推移,Registry中会保存大量镜像,造成磁盘空间不足,所以需要定期清理历史镜像,保证Registry服务正常运行。

删除镜像流程

  1. Registry默认是不允许删除镜像的,需要修改/etc/docker/registry/config.yml配置文件来开启删除操作,如下:
version: 0.1
log:
  fields:
    service: registry
storage:
    delete:
        enabled: true #打开delete开关
    cache:
        blobdescriptor: inmemory
    filesystem:
        rootdirectory: /var/lib/registry
http:
    addr: :5000
    headers:
        X-Content-Type-Options: [nosniff]
health:
  storagedriver:
    enabled: true
    interval: 10s
    threshold: 3
  1. 调用Registry API删除镜像
# 查询digest
curl -I -H "Accept: application/vnd.docker.distribution.manifest.v2+json" localhost:5000/v2/nginx/manifests/latest
# 根据digest删除镜像
curl -i -X DELETE localhost:5000/v2/nginx/manifests/sha256:89a42c3ba15f09a3fbe39856bddacdf9e94cd03df7403cad4fc105088e268fc9
  1. 在Registry容器中执行garbage-collect命令删除未被引用的layer
registry garbage-collect /etc/docker/registry/config.yml
  1. 重启registry容器(不重启的话,会导致刚清理的同名同tag镜像无法push)

使用Python脚本清理镜像(保留每个镜像的最新版本)

import os
import requests


class RegistryHandler(object):
    get_repos_url = '/v2/_catalog'
    get_tags_url = '/v2/{repo}/tags/list'
    get_digests_url = '/v2/{repo}/manifests/{tag}'
    delete_digest_url = '/v2/{repo}/manifests/{digest}'

    def __init__(self, host):
        self.host = host

    def get_repos(self):
        url = f'{self.host}{self.get_repos_url}'
        res = requests.get(url).json()
        return res['repositories']

    def get_tags(self, repo):
        url = f'{self.host}{self.get_tags_url.format(repo=repo)}'
        res = requests.get(url).json()
        return res['tags']

    def get_digest(self, repo, tag):
        headers = {"Accept": "application/vnd.docker.distribution.manifest.v2+json"}
        url = f'{self.host}{self.get_digests_url.format(repo=repo, tag=tag)}'
        resp = requests.get(url, headers=headers)
        return resp.headers['Docker-Content-Digest']

    def delete_digest(self, repo, digest):
        url = f'{self.host}{self.delete_digest_url.format(repo=repo, digest=digest)}'
        requests.delete(url)


if __name__ == '__main__':
    rh = RegistryHandler('http://localhost:5000')
    repos = rh.get_repos()
    for repo in repos:
        tags = rh.get_tags(repo)
        if not tags:
            continue

        delete_tags = sorted(
            filter(lambda tag: '.' in tag, tags),
            key=lambda tag: ''.join([f'{int(n):04d}' for n in tag.split('.')])
        )[:-1]
        for tag in delete_tags:
            try:
                digest = rh.get_digest(repo, tag)
                rh.delete_digest(repo, digest)
            except Exception as e:
                print(f'{repo}:{tag} delete fail: {e}')

    os.system("docker exec `docker ps | grep registry | awk '{print $1}'` registry garbage-collect --delete-untagged /etc/docker/registry/config.yml")
    os.system("docker restart `docker ps | grep registry | awk '{print $1}'`")

配置定期清理

crontab配置如下:

0 0 * * * /usr/bin/python ~/registry_clear.py

参考:

总结

以上为个人经验,希望能给大家一个参考,也希望大家多多支持脚本之家。

您可能感兴趣的文章:
阅读全文