jtb*_*lin 9 docker dockerhub docker-registry
我们想在开始部署之前自动检查公共注册中心(Docker Hub)中是否存在图像.使用v1 API,我们只会查询https://index.docker.io/v1/repositories/gliderlabs/alpine/tags/3.2示例.
但是现在注册表的官方API是v2,检查公共注册表中图像是否存在的官方方法是什么?
V1
$ curl -i https://index.docker.io/v1/repositories/gliderlabs/alpine/tags/latest
HTTP/1.1 200 OK
Server: nginx/1.6.2
Date: Tue, 11 Aug 2015 10:02:09 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Vary: Cookie
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
[{"pk": 20307475, "id": "5bd56d81"}, {"pk": 20355979, "id": "511136ea"}]
v2:
$ curl -i https://index.docker.io/v2/repositories/gliderlabs/alpine/tags/latest
HTTP/1.1 301 MOVED PERMANENTLY
Server: nginx/1.6.2
Date: Tue, 11 Aug 2015 10:04:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Location: https://index.docker.io/v2/repositories/gliderlabs/alpine/tags/latest/
Strict-Transport-Security: max-age=31536000
$ curl -i https://index.docker.io/v2/repositories/gliderlabs/alpine/tags/latest/
HTTP/1.1 301 MOVED PERMANENTLY
Server: nginx/1.6.2
Date: Tue, 11 Aug 2015 10:04:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Location: https://registry.hub.docker.com/v2/repositories/gliderlabs/alpine/tags/latest/
Strict-Transport-Security: max-age=31536000
$ curl -i https://registry.hub.docker.com/v2/repositories/gliderlabs/alpine/tags/latest/
HTTP/1.1 200 OK
Server: nginx/1.6.2
Date: Tue, 11 Aug 2015 10:04:34 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Vary: Cookie
X-Frame-Options: SAMEORIGIN
Allow: GET, DELETE, HEAD, OPTIONS
Strict-Transport-Security: max-age=31536000
{"name": "latest", "full_size": 5250074, "id": 130839, "repository": 127805, "creator": 152141, "last_updater": 152141, "image_id": null, "v2": false}
我是否应该坚持使用v1网址,即使它现在已被弃用或使用v2网址但是没有关于它的文档?如果我使用v2,我应该直接使用https://registry.hub.docker.com/v2/还是继续使用https://index.docker.io/v1/并遵循重定向?
上游的download-frozen-image-v2.sh脚本应该有一定的用途,至少作为一个像样的 API 示例(https://github.com/docker/docker/blob/6bf8844f1179108b9fabd271a655bf9eaaf1ee8c/contrib/download-frozen-image-v2.sh#L47-L54)。
主要的关键是您需要点击registry-1.docker.io而不是点击index.docker.io,并且您需要来自auth.docker.io(https://auth.docker.io/token?service=registry.docker.io&scope=repository:gliderlabs/alpine )的“令牌” :pull),即使您只是请求对公共存储库的只读访问权限。获得该令牌后,您可以使用https://registry-1.docker.io/v2/gliderlabs/alpine/manifests/latest标Authorization头,该标头将返回图像的 JSON 清单或出现 404 错误。
token="$(curl -sSL "https://auth.docker.io/token?service=registry.docker.io&scope=repository:$image:pull" | jq --raw-output .token)"
curl -fsSL -H "Authorization: Bearer $token" "https://registry-1.docker.io/v2/$image/manifests/$digest"
| 归档时间: |
|
| 查看次数: |
3211 次 |
| 最近记录: |