Housekeep your local image registry

Image by 👀 Mabel Amber, who will one day from Pixabay

You may have a local image registry setup (using docker.io/registry:2) where you manage your own images. But after a while, housekeeping is required.

Remove individual image

Instead of calling some of the registry API through curl, let’s use the tool called crane from the go-containerregistry repo.

Download the tool from releases, untar it,

sudo mv crane /usr/local/bin

Now login to the local registry

crane auth login localhost:5000 -u username -p password

List the catalog,

crane catalog localhost:5000 --insecure

As I am using self-sign cert, add the — insecure flag. If the cert is updated in the system’s trusted cert and you are running the command locally on the server, then this flag is not required.

From the above output, select a repo, list all its tags,

$ crane ls localhost:5000/cp/ibm-mqadvanced-server --insecure
9.2.0.0-r2-amd64
9.2.0.0-r1-amd64
9.2.0.0-r2
9.1.5.0-r2-amd64
9.2.0.0-r2-s390x

Now let's say we want to remove the tag “9.2.0.0-r1-amd64” from the registry. First get the digest value of the image,

$ crane --insecure digest…