deleteRegistryImages.sh
传参说明
- num:仓库中各项目保留镜像数
- oneProject:可选参数,表示只删除仓库中当前项目的历史镜像
功能说明
- 遍历仓库中各项目或指定项目,保留num个镜像,其余各镜像均删除,每次删除镜像后,执行垃圾收集。执行日志将写入/.deleteRegistryImage.log文件中
#! /bin/bash
num=$1
oneProject=$2
registryUrl="127.0.0.1:5000"
get_image_digest(){
sed -n '/Docker-Content-Digest/{s/\S*Docker-Content-Digest: //; s/\r//; p;}' /.image.txt
}
startTime=`date +'%Y-%m-%d %H:%M:%S'`
echo "************************************************" | tee -a /.deleteRegistryImage.log
echo "$startTime使用$(pwd)/下的脚本执行了删除仓库镜像操作:" | tee -a /.deleteRegistryImage.log
if [ -z "$num" ]; then
num=2;
fi
echo "传入参数:num=$num(若未传入,默认为2),oneProject=$oneProject 并开始执行:" | tee -a /.deleteRegistryImage.log
curl -k https://$registryUrl/v2/_catalog 2>/dev/null >>/.repositories.txt
sed -i "s/\"//g" /.repositories.txt
cat /.repositories.txt | while IFS= read -r line; do
temp=$(echo $line | cut -d'[' -f2)
repositories=$(echo $temp | cut -d ']' -f1)
echo "仓库中包含以下项目:$repositories" | tee -a /.deleteRegistryImage.log
str=${repositories//,/ }
arr=($str)
if [ -n "$oneProject" ]; then
curl -k https://$registryUrl/v2/$oneProject/tags/list 2>/dev/null >>/.$oneProject.txt
sed -i "s/\"//g" /.$oneProject.txt
cat /.$oneProject.txt | while IFS= read -r line1; do
temp1=$(echo $line1 | cut -d'[' -f2)
tags=$(echo $temp1 | cut -d ']' -f1)
echo "删除前仓库中$oneProject项目包含的镜像如下:$tags" | tee -a /.deleteRegistryImage.log
str1=${tags//,/ }
tagArr=($str1)
tagArrLength=${#tagArr[*]}
echo "仓库中$project项目包含$tagArrLength个镜像。" | tee -a /.deleteRegistryImage.log
if [ $tagArrLength -gt $num ]; then
for((i=0; i<${#tagArr[*]}-$num; i++));do
#根据digest删除仓库里的镜像操作在这里
imageTag=${tagArr[$i]}
echo "根据名字和镜像tag获取digest" | tee -a /.deleteRegistryImage.log
curl --header "Accept:application/vnd.docker.distribution.manifest.v2+json" -I -XGET -k https://$registryUrl/v2/$oneProject/manifests/$imageTag 2>/dev/null >>/.image.txt
cat /.image.txt | grep Docker-Content-Digest | while IFS= read -r line2; do
lineName=$(echo $line2 | cut -d':' -f1)
if [ $lineName == "Docker-Content-Digest" ];then
imageDigest=$(get_image_digest)
echo "删除镜像:$imageTag $imageDigest" | tee -a /.deleteRegistryImage.log
curl -XDELETE -k https://$registryUrl/v2/$oneProject/manifests/$imageDigest
fi
done
rm -f /.image.txt
done
echo "$oneProject项目已删除完毕,仓库中保留最近上传的的$num个镜像。" | tee -a /.deleteRegistryImage.log
else
echo "仓库中$oneProject项目的镜像数为$tagArrLength,不大于$num,不执行删除操作!" | tee -a /.deleteRegistryImage.log
fi
rm -f /.$oneProject.txt
done
else
for project in ${arr[*]}; do
echo "删除仓库中的$project项目镜像:" | tee -a /.deleteRegistryImage.log
curl -k https://$registryUrl/v2/$project/tags/list 2>/dev/null >>/.$project.txt
sed -i "s/\"//g" /.$project.txt
cat /.$project.txt | while IFS= read -r line1; do
temp1=$(echo $line1 | cut -d'[' -f2)
tags=$(echo $temp1 | cut -d ']' -f1)
echo "删除前仓库中$project项目包含的镜像如下:$tags" | tee -a /.deleteRegistryImage.log
str1=${tags//,/ }
tagArr=($str1)
tagArrLength=${#tagArr[*]}
echo "仓库中$project项目包含$tagArrLength个镜像。" | tee -a /.deleteRegistryImage.log
if [ $tagArrLength -gt $num ]; then
echo "根据名字和镜像tag获取digest" | tee -a /.deleteRegistryImage.log
for((i=0; i<${#tagArr[*]}-$num; i++));do
#根据digest删除仓库里的镜像操作在这里
imageTag=${tagArr[$i]}
curl --header "Accept:application/vnd.docker.distribution.manifest.v2+json" -I -XGET -k https://$registryUrl/v2/$project/manifests/$imageTag 2>/dev/null >>/.image.txt
cat /.image.txt | grep Docker-Content-Digest | while IFS= read -r line2; do
lineName=$(echo $line2 | cut -d':' -f1)
if [ $lineName == "Docker-Content-Digest" ];then
imageDigest=$(get_image_digest)
echo "删除镜像:$imageTag $imageDigest" | tee -a /.deleteRegistryImage.log
curl -XDELETE -k https://$registryUrl/v2/$project/manifests/$imageDigest
fi
done
rm -f /.image.txt
done
echo "$project项目已删除完毕,仓库中保留最近上传的的$num个镜像。" | tee -a /.deleteRegistryImage.log
else
echo "仓库中$project项目的镜像数为$tagArrLength,不大于$num,不执行删除操作!" | tee -a /.deleteRegistryImage.log
fi
rm -f /.$project.txt
done
done
fi
done
rm -f /.repositories.txt
echo "删除镜像操作结束!开始执行垃圾清理操作···" | tee -a /.deleteRegistryImage.log
docker exec -i itacRegistry /bin/sh -c "cd /var/lib/registry && registry garbage-collect /etc/docker/registry/config.yml"
echo "垃圾清理操作结束!脚本执行结束!" | tee -a /.deleteRegistryImage.log
echo -e "\n\n\n\n" | tee -a /.deleteRegistryImage.log
produceCloud.sh
传参说明
- date:待保存镜像日期
- oneItem:待保存镜像项目名称
功能说明
- 根据参数制作云端完整安装包,或保存单个项目镜像
#!/bin/bash
date=$1
oneItem=$2
registry="127.0.0.1:5000"
arr=(apiserv itac itactask portal-demo portal-largescreen portal-promotion vpn)
if [ -z "$oneItem" ]; then
rm -rf cloud
mkdir cloud
cd cloud
mkdir adesk-images
for item in ${arr[@]}; do
echo $item
docker pull $registry/$item:$item-release-$date
docker tag $registry/$item:$item-release-$date $item:$item-release-$date
docker save $item:$item-release-$date > adesk-images/$item-release-$date.tar
docker rmi $registry/$item:$item-release-$date
docker rmi $item:$item-release-$date
done
cp -r /var/adesk-scripts .
cp -r /var/adesk-ymls .
tar -czvf cloud.tar.gz adesk-images/ adesk-scripts/ adesk-ymls/
else
docker pull $registry/$oneItem:$oneItem-release-$date
docker tag $registry/$oneItem:$oneItem-release-$date $oneItem:$oneItem-release-$date
docker save $oneItem:$oneItem-release-$date > $oneItem-release-$date.tar
docker rmi $registry/$oneItem:$oneItem-release-$date
docker rmi $oneItem:$oneItem-release-$date
fi
produceAdesk.sh
功能说明
- 制作探针完整安装包
#!/bin/bash
time=$(date +%Y%m%d)
docker ps | while IFS= read -r line ; do
image=$(echo $line | cut -d ' ' -f2)
if [ $image != "ID" ]; then
tag=$(echo $image | cut -d '/' -f2)
name=$(echo $tag | cut -d ':' -f1)
tarName=$(echo $image | cut -d ':' -f3)
docker tag $image $tag
mkdir $name
docker save $tag > ./$name/$tarName.tar
docker rmi $tag
fi
done
cp -r /var/tmp/deploy .
tar -czvf Adesk-R2.0.0-$time.tar.gz deploy/ splus/ probe/ zabbix/ agent/
ntp.sh
功能说明
- 安装NTP服务后,配置服务器与ntpServer时钟源同步
#!/bin/bash
yum localinstall -y *.rpm
# 设置本地时区
timedatectl set-timezone "Asia/Shanghai"
# 设置硬件时钟以协调世界时(UTC)
timedatectl set-local-rtc 0
# 设置硬件时间,使得硬件时钟变为跟系统时间同步
hwclock --systohc
ntpServer=*.*.*.*
# 修改ntp配置
sed -i '/server 3/a\restrict '$ntpServer' nomodify notrap noquery' /etc/ntp.conf
sed -i '/server 3/a\server '$ntpServer'' /etc/ntp.conf
sed -i '/centos.pool.ntp.org/d' /etc/ntp.conf
# 开启NTP服务
systemctl start ntpd
systemctl enable ntpd
# 关闭chrony服务,避免系统重启后NTP服务无法启动
systemctl stop chronyd
systemctl disable chronyd
pushAgentImage.sh
参数说明:
- edition:镜像制作版本
– registryIp:镜像推送至的仓库
功能说明:
- 在服务器上制作探针镜像,制作前清除本地镜像,清除仓库中同标签镜像,制作后再次清除本地镜像。以/.temp.ini作为“锁”,保证该脚本被多人使用时不冲突。
#!/bin/bash
set +e
edition=$1
registryIp=$2
while [ -f "/.temp.ini" ];do
sleep 5
echo "someone is running script to build and push docker image, so waiting for the finish..."
done
touch /.temp.ini
getVersion(){
cat version.txt | grep agent_"$edition" | while IFS= read -r line; do
version=$(echo $line | cut -d'=' -f2)
echo $version
done
}
version=$(getVersion)
get_image_version() {
unzip -q Adesk.war WEB-INF/conf/productConf/Adesk/product.xml
sed -n '/productVersion/{s/\S*<productVersion value="//; s/"\/>\r//; s/\t//; p;}' WEB-INF/conf/productConf/Adesk/product.xml
rm -rf WEB-INF
}
get_image_digest(){
sed -n '/Docker-Content-Digest/{s/\S*Docker-Content-Digest: //; s/\r//; p;}' /.image.txt
}
imageName="*.*.*.*:5000/agent"
imageVer=$(get_image_version)
imageTag="agent-$imageVer-$(date +%Y%m%d)"
imageNameTag="$imageName:$imageTag"
echo "delete the last image of today"
docker rmi "$imageNameTag"
echo "Building docker image \"$imageNameTag\"."
docker build -t "$imageNameTag" .
if [ -n "$registryIp" ]; then
echo "add $registryIp *.*.*.* into /etc/hosts"
sed -i "/^::1/a $registryIp *.*.*.*" /etc/hosts
curl --header "Accept:application/vnd.docker.distribution.manifest.v2+json" -I -XGET -k https://*.*.*.*:5000/v2/agent/manifests/$imageTag 2>/dev/null >>/.image.txt
cat /.image.txt | grep Docker-Content-Digest | while IFS= read -r line; do
lineName=$(echo $line | cut -d':' -f1)
if [ $lineName == "Docker-Content-Digest" ];then
imageDigest=$(get_image_digest)
echo $imageDigest
echo "delete the last image in registry of today"
curl -XDELETE -k https://*.*.*.*:5000/v2/agent/manifests/$imageDigest
fi
done
rm -f /.image.txt
sleep 20
echo "pushing docker image \"$imageNameTag\"."
docker push "$imageNameTag"
echo "remove $registryIp *.*.*.* in /etc/hosts"
sed -i "/rois/d" /etc/hosts
else
SELFDIR=$(dirname "$(realpath -s "$0")")
source $SELFDIR/data/read_ini.sh
# parameter processing
TEST_ENV_NAME=""
while (( "$#" )); do
if [ "$1" == "--test-env" ]; then
shift
TEST_ENV_NAME=$1
shift
continue
fi
shift
done
# do work
for fullfn in `ls /etc/h3c/$edition/*.test-env`; do
fn=$(basename $fullfn)
name=${fn%%.*}
if [ ! -z $TEST_ENV_NAME ] && [ "$TEST_ENV_NAME" != "$name" ]; then
continue
fi
read_ini $fullfn
cloudIp=${INI__cloud__ip}
cloudUser=${INI__cloud__user}
cloudPwd=${INI__cloud__passwd}
echo "add $cloudIp *.*.*.* into /etc/hosts"
sed -i "/^::1/a $cloudIp *.*.*.*" /etc/hosts
curl --header "Accept:application/vnd.docker.distribution.manifest.v2+json" -I -XGET -k https://*.*.*.*:5000/v2/agent/manifests/$imageTag 2>/dev/null >>/.image.txt
cat /.image.txt | grep Docker-Content-Digest | while IFS= read -r line; do
lineName=$(echo $line | cut -d':' -f1)
if [ $lineName == "Docker-Content-Digest" ];then
imageDigest=$(get_image_digest)
echo $imageDigest
echo "delete the last image in registry of today"
curl -XDELETE -k https://*.*.*.*:5000/v2/agent/manifests/$imageDigest
fi
done
rm -f /.image.txt
echo "pushing docker image \"$imageNameTag\"."
docker push "$imageNameTag"
sleep 20
echo "remove $cloudIp *.*.*.* in /etc/hosts"
sed -i "/rois/d" /etc/hosts
done
fi
echo "delete this image in local docker"
docker rmi "$imageNameTag"
rm -f /.temp.ini
echo "Complete."
Test
饿了