I have docker images stored in jFrog artifactory and I need to get the size of those docker images without pulling it. I tried to figure out if there is any direct REST API provided by jFrog but couldn’t find any.
I also tried one solution by doing a curl request to fetch all the docker layers and to sum all the layers. But I’m looking if there is any feasible solution other than the above?
You can try and use regclient.
It does allow to inspect images without pulling the layers, allowing quick access to the image manifest and configuration.
And the manifest include the size of the image.
Start with the regctl manifest command:
regctl manifest get <yourJFrogName>/<yourImageName>:<tag>
Or:
regctl image inspect --format '{{jsonPretty .}}' <yourJFrogName>/<yourImageName>:<tag>
It should include the total size:
$ regctl manifest get localhost:5000/artifact:demo
Name: localhost:5000/artifact:demo
MediaType: application/vnd.oci.image.manifest.v1+json
Digest: sha256:36484d44383fc9ffd34be11da4a617a96cb06b912c98114bfdb6ad2dddd443e2
Annotations:
demo: true
format: oci
Total Size: 64B
JFrog provides a get artifact details REST API where you can get the file size of the image with below REST API.
curl -u admin -X GET http://localhost:8082/artifactory/api/storage/docker-local/nginx/latest/manifest.json -H "Content-type: application/json"
This will give the following output along with the size.
{
"repo" : "docker-local",
"path" : "/nginx/latest/manifest.json",
----------
"downloadUri" : "https://localhost:8082/artifactory/docker-local/nginx/latest/manifest.json",
"mimeType" : "application/json",
"size" : "1570",
"checksums" : {
"sha1" : "cc357b563ce443aa8270eb34e6755458a1a46869",
--------
},
"originalChecksums" : {
"sha256" : "89020cd33be2767f3f894484b8dd77bc2e5a1ccc864350b92c53262213257dfc"
},
"uri" : "https://localhost:8082/artifactory/api/storage/docker-local/nginx/latest/manifest.json"
}
Related
I loaded a docker image to my K3 cluster like so:
# ctr -n k8s.io -a /run/k3s/containerd/containerd.sock image import /home/rocky/myawx-v1.0.0.tar
(actually I have tried many different version of the above command)
I can see the image here:
# k3s ctr image ls | grep awx
docker.io/library/myawx:v1.0.0 application/vnd.docker.distribution.manifest.v2+json sha256:7...9 617.3 MiB linux/amd64 io.cri-containerd.image=managed
quay.io/ansible/awx-ee:latest application/vnd.docker.distribution.manifest.v2+json sha256:5...0 613.4 MiB linux/amd64 io.cri-containerd.image=managed
quay.io/ansible/awx-ee#sha256:5...0 application/vnd.docker.distribution.manifest.v2+json sha256:5...0 613.4 MiB linux/amd64 io.cri-containerd.image=managed```
But if I try to pull the image I get this error:
# k3s ctr image pull docker.io/library/myawx:v1.0.0
docker.io/library/myawx:v1.0.0: resolving |--------------------------------------|
elapsed: 0.5 s total: 0.0 B (0.0 B/s)
INFO[0000] trying next host error="pull access denied, repository does not exist or may require authorization: server message:
insufficient_scope: authorization failed" host=registry-1.docker.io
ctr: failed to resolve reference "docker.io/library/myawx:v1.0.0": pull access denied,
repository does not exist or may require authorization: server message:
insufficient_scope: authorization failed
If I try to run the image I get this ...
# k3s ctr run docker.io/library/myawx myawx-run
ctr: image "docker.io/library/myawx": not found
I have no idea what I am doing and I am just grasping at straws. Please help!
I have the following problem : Trying to pull built docker image from private hub and run it as a service, but the following error appears
Failed to launch container: Failed to run 'docker -H unix:///var/run/docker.sock pull r.cfcr.io/path/to/repo/': exited with status 1; stderr='Error: Cannot perform an interactive login from a non TTY device '
here is the fetch[] config.json info that I am using to authenticate :
{
"auths": {
"r.cfcr.io": {
"auth": "=auth_token="
}
},
"HttpHeaders": {
"User-Agent": "Docker-Client/18.06.1-ce (linux)"
}
}
Do you have any idea how to resolve the problem?
Probably not linked to the problem here, but some people might encounter the exact same message when trying a docker login from a Linux like terminal on Windows such as Git bash or Docker quickstart terminal or even Cygwin.
The trick here is to use winpty docker login
or try to use this command
docker login "${URL}" -u "${Username}" -p "${PASSWORD}"
You must keep the config.json file at .docker directory at $MESOS_SANDBOX.
So create the archieve of .docker directory with below listing of files :
$ tar tvf docker-login.tar
drwx------ parvez/parvez 0 2019-06-12 21:45 .docker/
-rw------- parvez/parvez 177 2019-06-12 21:45 .docker/config.json
Fetch and extract this archive from mesos configuration.
"fetch": [{
"uri": "https://foo.com/docker-login.tar",
"executable": false,
"extract": true,
"cache": true
}],
It will download and extract archieve at $MESOS_SANDBOX path and docker pull should be successful.
I'm currently digging in Gitlab CI. I would like to add a way in my YAML files to tag my docker images with a version number composed in the following fashion : MajorVersion.Minorversion.AutoincrementedGlobalversionNumber
I would like to auto-increment the globally defined variable "AutoincrementedGlobalversionNumber" each time I deploy.
I have used CI_PIPELINE_IID however it keeps incrementing for each pipeline request, I need something to keep a version where I can keep track of and it should increment only when I pack and deploy.
variables:
CI_VERSION: "1.0.${CI_PIPELINE_IID}"
build-master:
stage: build
script:
- docker build --pull -t "$CI_REGISTRY_IMAGE" -t "$CI_REGISTRY_IMAGE:$CI_VERSION" ./postfix
- docker push "$CI_REGISTRY_IMAGE"
only:
- master
You probably can't do this with the default GitLab CI variables, but there could be a workaround along the lines of (untested):
Get the registry ID with something like:
$ registry_id=$(curl -s -XGET --header "PRIVATE-TOKEN: $TOKEN" "https://gitlab.com/$PROJECT_PATH/container_registry.json" | jq '.[].id')
Query said registry to get the name:
curl -s -XGET --header "PRIVATE-TOKEN: $TOKEN" "https://gitlab.com/$PROJECT_PATH/registry/repository/$registry_id/tags?format=json" | jq
eg returns the following and you can grep the name for GlobalVersionNumber:
[
{
"name": "latest",
"location": "registry.gitlab.com/mwasilewski/helm:latest",
"revision": "85a403337a56e9e6409dfb8185bf9aa5c2135f9a437bd75da82d27471c71feb4",
"short_revision": "85a403337",
"total_size": 152246865,
"created_at": "2016-12-11T08:31:30.126+00:00",
"destroy_path": "/mwasilewski/helm/registry/repository/31074/tags/latest"
}
]
Continue with your Docker build and push, after incrementing the GlobalVersionNumber you get back.
NB: this assumes you are using GitLab's Container Registry
Resources:
https://gitlab.com/gitlab-org/gitlab-ce/issues/40826
I have a Private Docker Registry set up and i have pushed some images from other machine to this registry.
Its a V2 registry.
I don't know a novel way to delete the images from repositories since these pushed images doesn't get listed in CLI for "docker images".
Can anyone suggest me the proper way to delete those images from the disk?
Appreciate a lot for answer.
Thanks
I have posted same answer to other question. Maybe it would be useful for you.
I've faced same problem with my registry then i tried the solution listed below from a blog page. It works.
Step 1: Listing catalogs
You can list your catalogs by calling this url:
http://YourPrivateRegistyIP:5000/v2/_catalog
Response will be in the following format:
{
"repositories": [
<name>,
...
]
}
Step 2: Listing tags for related catalog
You can list tags of your catalog by calling this url:
http://YourPrivateRegistyIP:5000/v2/<name>/tags/list
Response will be in the following format:
{
"name": <name>,
"tags": [
<tag>,
...
]
}
Step 3: List manifest value for related tag
You can run this command in docker registry container:
curl -v --silent -H "Accept: application/vnd.docker.distribution.manifest.v2+json" -X GET http://localhost:5000/v2/<name>/manifests/<tag> 2>&1 | grep Docker-Content-Digest | awk '{print ($3)}'
Response will be in the following format:
sha256:6de813fb93debd551ea6781e90b02f1f93efab9d882a6cd06bbd96a07188b073
Run the command given below with manifest value:
curl -v --silent -H "Accept: application/vnd.docker.distribution.manifest.v2+json" -X DELETE http://127.0.0.1:5000/v2/<name>/manifests/sha256:6de813fb93debd551ea6781e90b02f1f93efab9d882a6cd06bbd96a07188b073
Step 4: Delete marked manifests
Run this command in your docker registy container:
bin/registry garbage-collect /etc/docker/registry/config.yml
Here is my config.yml
root#c695814325f4:/etc# cat /etc/docker/registry/config.yml
version: 0.1
log:
fields:
service: registry
storage:
cache:
blobdescriptor: inmemory
filesystem:
rootdirectory: /var/lib/registry
delete:
enabled: true
http:
addr: :5000
headers:
X-Content-Type-Options: [nosniff]
health:
storagedriver:
enabled: true
interval: 10s
threshold: 3
Currently you cannot delete an image from a docker registry without an external tool. The easiest way to do so would be to use this script to do so, keeping in mind that it does require downtime.
I tried deleting images from a private registry
post which the blobs and the manifest of the pushed image gets deleted .
but it leaves behind an empty repository with the tag of the images which it contained .
Steps Followed:
docker push hostname.xxx.yyy.com:1111/hello-world-abc push the image
The push refers to a repository [hostname.xxx.yyy.com:1111/hello-world-abc]
(len: 1)
aef768067415: Pushed
82152269d8b3: Pushed
latest: digest: sha256:c7d713292dd6dc833ef6364cc6c821ce9523883bc97cc24bedbc572343644b68 size: 1937 get the digest value of the pushed image
[root#slc01olq docker]# curl -i -X GET hostname.xxx.yyy.com:1111/v2/hello-world-abc/manifests/latest get the blobs associated with the image
HTTP/1.1 200 OK
{
"schemaVersion": 1,
"name": "hello-world-abc",
"tag": "latest",
"architecture": "amd64",
"fsLayers": [
{
"blobSum": "sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"
},
{
"blobSum": "sha256:4276590986f6a900029d4afb65b0969777f5ff9f70a00f896ec3b7372072381c"
• Delete the manifest and the Blobs::
curl -i -X DELETE hostname.xxx.yyy.com:1111/v2/hello-world-abc/manifests/sha256:c7d713292dd6dc833ef6364cc6c821ce9523883bc97cc24bedbc572343644b68
HTTP/1.1 202 Accepted
curl -i -X DELETE hostname.xxx.yyy.com:1111/v2/hello-world-abc/blobs/sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
HTTP/1.1 202 Accepted
curl -i -X DELETE hostname.xxx.yyy.com:1111/v2/hello-world-abc/blobs/sha256:4276590986f6a900029d4afb65b0969777f5ff9f70a00f896ec3b7372072381c
HTTP/1.1 202 Accepted
• Try to pull ::
docker pull hostname.xxx.yyy.com:1111/hello-world-abc
Using default tag: latest
Pulling repository hostname.xxx.yyy.com:1111/hello-world-abc
Error: image hello-world-abc:latest not found
• Search the image
docker search hostname.xxx.yyy.com:1111/hello-world-abc
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
hostname.xxx.yyy.com:1111/hello-world-abc:latest 0
curl -i -X GET hostname.xxx.yyy.com:1111/v2/hello-world-abc/tags/list
HTTP/1.1 200 OK
{"name":"hello-world-abc","tags":[“latest"]}
Problem statement The image is getting deleted , but an empty repository remains and I want to delete this as the above search returns an o/p :: {"name":"hello-world-abc","tags":["latest"]} but actually the latest tag has been deleted