Linux通过curl访问docker.sock/API执行docker操作
来自三线的随记
官方API doc: https://docs.docker.com/engine/api/v1.41/
官方API doc(with example): https://docs.docker.com/engine/api/sdk/examples/
不同版本的docker的api doc: https://docs.docker.com/engine/api/#api-version-matrix
tips: Linux下对socket进行抓包
通过curl socket完成镜像拉取操作
基本报文
POST /v1.41/images/create?fromImage=10.82.123.123%2Fpublic%2Fmaven&tag=3.3.9-public HTTP/1.1 Host: docker User-Agent: Docker-Client/20.10.17 (linux) Content-Length: 0 Content-Type: text/plain
命令实现
curl --unix-socket /var/run/docker.sock "http://localhost/v1.41/images/create?fromImage=10.82.123.123%2Fpublic%2Fmaven&tag=3.3.9-public" -X POST
如果拉取镜像需要认证可以加上http header
X-Registry-Auth: eyJ1c2VybmFtZSI6ImFkbWluIiwicGFzc3dvcmQiOiJwYXNzd29yZCIsInNlcnZlcmFkZHJlc3MiOiIxMC44Mi4xMjMuMTIzIn0=
通过curl socket获取镜像dangling镜像信息
curl -s --unix-socket /var/run/docker.sock "http://localhost/v1.41/images/json?filters=\{\"dangling\":\[\"true\"\]\}"
通过curl socket获取指定名字(REPOSITORY)的镜像信息
注意是全名字匹配
curl -s --unix-socket /var/run/docker.sock "http:/v1.24/images/json?filters=\{\"reference\":\{\"mysql\":true\}\}"
[{"Containers":-1,"Created":1602576181,"Id":"sha256:8e85dd5c32558ea5c22cc4786cff512c1940270a50e7dbc21ad2df42f0637de4","Labels":null,"ParentId":"","RepoDigests":["mysql@sha256:86b7c83e24c824163927db1016d5ab153a9a04358951be8b236171286e3289a4"],"RepoTags":["mysql:8.0.21"],"SharedSize":-1,"Size":544193587,"VirtualSize":544193587},{"Containers":-1,"Created":1532654095,"Id":"sha256:6bb891430fb6e2d3b4db41fd1f7ece08c5fc769d8f4823ec33c7c7ba99679213","Labels":null,"ParentId":"","RepoDigests":["mysql@sha256:aaba540cdd9313645d892f4f20573e8b42b30e5be71c054b7befed2f7da5f85b"],"RepoTags":["mysql:5.7.22"],"SharedSize":-1,"Size":371941626,"VirtualSize":371941626}]
如果需要半匹配,用 * 号即可(测试下来发现好像只能省略后缀,不能省略前缀)
curl --unix-socket /var/run/docker.sock "http:/v1.24/images/json?filters=\{\"reference\":\{\"*m*\":true\}\}"
[{"Containers":-1,"Created":1665115518,"Id":"sha256:9622db9aed586c97c6a18d912b965f3d4c02fdf749650c7ee57a9a6b8cde3dd7","Labels":null,"ParentId":"","RepoDigests":null,"RepoTags":["sonarqube:8.9.9-community"],"SharedSize":-1,"Size":499466355,"VirtualSize":499466355},{"Containers":-1,"Created":1612947183,"Id":"sha256:8415759abc07b3d3dcd43cecd924caa3ed68bc5d4a4166e50565a4a1b344a7e5","Labels":null,"ParentId":"","RepoDigests":null,"RepoTags":["node:14.15.5-stretch-slim"],"SharedSize":-1,"Size":166658514,"VirtualSize":166658514},{"Containers":-1,"Created":1602576181,"Id":"sha256:8e85dd5c32558ea5c22cc4786cff512c1940270a50e7dbc21ad2df42f0637de4","Labels":null,"ParentId":"","RepoDigests":["mysql@sha256:86b7c83e24c824163927db1016d5ab153a9a04358951be8b236171286e3289a4"],"RepoTags":["mysql:8.0.21"],"SharedSize":-1,"Size":544193587,"VirtualSize":544193587},{"Containers":-1,"Created":1532654095,"Id":"sha256:6bb891430fb6e2d3b4db41fd1f7ece08c5fc769d8f4823ec33c7c7ba99679213","Labels":null,"ParentId":"","RepoDigests":["mysql@sha256:aaba540cdd9313645d892f4f20573e8b42b30e5be71c054b7befed2f7da5f85b"],"RepoTags":["mysql:5.7.22"],"SharedSize":-1,"Size":371941626,"VirtualSize":371941626}]
一个简单的通过socket进行清理dangling镜像的例子
#!/bin/env bash
docker_api_version=v1.41
curl_options=(
"-s"
"--unix-socket" "/var/run/docker.sock"
)
dangling_images=(`curl "${curl_options[@]}" "http://localhost/${docker_api_version}/images/json?filters=%7B%22dangling%22%3A%5B%22true%22%5D%7D&all=1" | jq -r .[].Id`)
echo "cleaning dangline images:"
for image in ${dangling_images[*]}
do
echo $image
(set -x; curl -X DELETE "${curl_options[@]}" "http://localhost/${docker_api_version}/images/$image" )
done
