执行前须安装jq(json解析工具)
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum install jq -y
shell脚本如下,需要放置harbor机器执行:
#!/bin/bash
set -e
HARBOR_URL=xxxx.xxxx.xxxx
HARBOR_USER=user
HARBOR_PASSWD=password
#最大保留镜像个数。超过后的删除。
OLD_VERSION_NUM=20
#获取仓库项目列表
function get_projects_list(){
projects_list=$(curl -s -k -u ${HARBOR_USER}:${HARBOR_PASSWD} "https://${HARBOR_URL}/api/v2.0/projects?page=1&page_size=100")
mkdir -p $PWD/projectsList
echo "${projects_list}" | jq '.[]' | jq -r '.name' > $PWD/projectsList/projectsList.txt
}
#获取每个项目下仓库列表
function get_repos_list(){
mkdir -p $PWD/reposList
for project in $(cat $PWD/projectsList/projectsList.txt);do
repos_list=$(curl -s -k -u ${HARBOR_USER}:${HARBOR_PASSWD} "https://${HARBOR_URL}/api/v2.0/projects/${project}/repositories?page=1&page_size=100")
echo "${repos_list}" | jq '.[]' | jq -r '.name'| awk -F "/" '{print $2}' > $PWD/reposList/${project}.txt
done
}
#获取每个仓库下镜像digest列表
function get_tag_list(){
for project in $(cat $PWD/projectsList/projectsList.txt)
do
for repo in `cat $PWD/reposList/${project}.txt`
do
mkdir -p $PWD/tagsList/$project/$repo
curl -s -k -u ${HARBOR_USER}:${HARBOR_PASSWD} "https://${HARBOR_URL}/api/v2.0/projects/${project}/repositories/${repo}/artifacts?page=1&page_size=100&with_tag=true&wi
th_label=false&with_scan_overview=false&with_signature=false&with_immutable_status=false" | jq '.[]' | jq -r '.digest' > $PWD/tagsList/$project/$repo/tags.txt
done
done
}
#遍历每个项目下每个仓库执行镜像删除
function delete_images(){
for project in $(cat $PWD/projectsList/projectsList.txt)
do
for repo in `cat $PWD/reposList/${project}.txt`
do
TOTAL_NUN=`cat $PWD/tagsList/$project/$repo/tags.txt |wc -l `
if [ $TOTAL_NUN -gt $OLD_VERSION_NUM ];then
DELETE_NUN=`echo $TOTAL_NUN - $OLD_VERSION_NUM | bc `
tail -n $DELETE_NUN $PWD/tagsList/$project/$repo/tags.txt > $PWD/tagsList/$project/$repo/tags-deleted.txt
echo "################## ${project}/${repo} have $DELETE_NUN images need to delete ###############################################"
echo "#######################begine delete ${project}/${repo} images###################################"
for i in `cat $PWD/tagsList/$project/$repo/tags-deleted.txt`
do
IMAGE_NAME=`curl -s -k -u ${HARBOR_USER}:${HARBOR_PASSWD} "https://${HARBOR_URL}/api/v2.0/projects/${project}/repositories/${repo}/artifacts/${i}?page=1&page_
size=10&with_tag=true&with_label=false&with_scan_overview=false&with_signature=false&with_immutable_status=false" | jq -r '.tags' | jq -r '.[]' | jq -r '.name'`
echo "######################### delete image $HARBOR_URL/$project/$repo:$IMAGE_NAME #################"
curl -X 'DELETE' -u ${HARBOR_USER}:${HARBOR_PASSWD} "https://${HARBOR_URL}/api/v2.0/projects/${project}/repositories/${repo}/artifacts/${i}"
echo "######################## delete image $HARBOR_URL/$project/$repo:$IMAGE_NAME success #########"
done
echo "####################### ${project}/${repo} images have deleted success###################################"
echo "*********************************************************************************************************"
fi
done
done
}
#启动容器,执行harbor gc 回收
function clean_registry(){
# image_name=$(docker ps | grep registry | grep photon | awk -F " " '{print $2}')
# docker run -it --name gc --rm --volumes-from registry ${image_name} garbage-collect /etc/registry/config.yml
docker run -it --name gc --rm --volumes-from registry vmware/registry:2.6.2-photon garbage-collect /etc/registry/config.yml
}
function entrance(){
get_projects_list
get_repos_list
get_tag_list
delete_images
clean_registry
}
entrance
定时清理添加定时任务:
crontab -e
00 3 * * * /opt/docker-clean/harbor-clean.sh > /opt/docker-clean/harbor-clean.log 2>&1