remove tagged Docker image from private registry

There seems to be no simple method to do remove images from the registry as of today and looks like its a feature for registry 2.1 milestone.

One of the options what we have today with this not working

[email protected] remove-registry]$ curl -X DELETE localhost:5000/v2/alpine/manifests/v1
{"errors":[{"code":"UNSUPPORTED","message":"The operation is unsupported."}]}
[[email protected] remove-registry]$ 

is to manually remove it from the registry itself. Just to avoid removing wrong file accidentally, I tested it with this script from github. I take no guarantee on how this script works (though I checked it quickly before I tested it).

So, I made a test and that seems to work :)

[1] I presume that, you are running a registry with docker itself.

[[email protected] remove-registry]$ docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
88f8e1a1d7a7        registry:2          "/bin/registry /etc/d"   37 minutes ago      Up 37 minutes       0.0.0.0:5000->5000/tcp   registry
[[email protected] remove-registry]$ 

[2] I created a minimal Dockerfile with just FROM alpine content and created alpine:v1 and pushed to my private registry running on localhost:5000. Querying it from registry, it returned as expected.

[[email protected] remove-registry]$ curl -X GET localhost:5000/v2/alpine/tags/list
{"name":"alpine","tags":["v1"]}
[[email protected] remove-registry]$ 

[3] Then I log into the registry with docker exec and checked the disk usage before I do my experiment

[email protected]:/# du -sch /var/lib/registry/                     
2.5M    /var/lib/registry/
2.5M    total
[email protected]:/# 

[4] After returning back to my host I copied a heavy file (mongodb.tgz) into my container and created a built and pushed version v2.

[[email protected] remove-registry]$ docker build -t localhost:5000/alpine:v2 .
Sending build context to Docker daemon 61.99 MB
Step 1 : FROM alpine
 ---> 2314ad3eeb90
Step 2 : COPY mongodb.tgz /mongodb.tgz
 ---> d7c7645a3fe2
Successfully built d7c7645a3fe2
[[email protected] remove-registry]$ docker push localhost:5000/alpine:v2
The push refers to a repository [localhost:5000/alpine] (len: 1)
d7c7645a3fe2: Pushed 
5ff05309724e: Image already exists 
v2: digest: sha256:7bea1ec2910170bd88412b622aee6129791673cf1fd8c0e1e34f15ec26428774 size: 4467
[[email protected] remove-registry]$ 

[5] After checking the size again in the registry, it has increased to 62MB:

[email protected]:/# du -sch /var/lib/registry/                                                                               
62M /var/lib/registry/
62M total
[email protected]:/# 

[6] In order to run delete_docker_registry_image, you need to get the script into the container which is hosting the registry, one option to do this is with curl. Also, this script requires jq.

[email protected]:/# apt-get update && apt-get install -y curl jq
...
[email protected]:/#

[7] Run the script, try with --dry-run option first and do not forget the version tag (v2 in this case), there is also a good -h

[email protected]:/# delete_docker_registry_image --image alpine:v2 --dry-run
DRY_RUN: would have deleted tag directory: repositories/alpine/_manifests/tags/v2
DRY_RUN: would have deleted manifest revision: repositories/alpine/_manifests/revisions/sha256/7bea1ec2910170bd88412b622aee6129791673cf1fd8c0e1e34f15ec26428774
DRY_RUN: would have deleted directory: blobs/sha256/e2/e2cc9aed084e01fa5cf93c09121035ac4d712113425ae68b678c28591beec5c6
DRY_RUN: would have deleted directory: blobs/sha256/7a/7ada67971e952e353ab14d8f9bdd4e41e4c41099b05a5da09f2700b51d93908a
DRY_RUN: would have deleted directory: blobs/sha256/7b/7bea1ec2910170bd88412b622aee6129791673cf1fd8c0e1e34f15ec26428774
DRY_RUN: would have deleted layer metadata directory: repositories/alpine/_layers/sha256/e2cc9aed084e01fa5cf93c09121035ac4d712113425ae68b678c28591beec5c6
[email protected]:/# delete_docker_registry_image --image alpine:v2          
[email protected]:/#

[8] And voila !!

[email protected]:/# du -sch /var/lib/registry/                     
2.5M    /var/lib/registry/
2.5M    total
[email protected]:/#