Schedule image pruning

Available since MKE 3.5.3

MKE administrators can schedule the cleanup of unused images, whitelisting which images to keep. To determine which images will be removed, they can perform a dry run prior to setting the image-pruning schedule.

Schedule image pruning using the CLI

To perform a dry run without whitelisting any images:

Perform a dry run to determine which images will be pruned:

AUTHTOKEN=$(curl --silent --insecure --data '{"username":"<username>","password":"<password>"}' https://MKE_HOST/auth/login | jq --raw-output .auth_token)
curl --insecure -H "Authorization: Bearer $AUTHTOKEN" https://MKE_HOST/api/ucp/images/prune/dry

Example response:

[
   {
      "Containers":-1,
      "Created":1647029986,
      "Id":"sha256:2fb6fc2d97e10c79983aa10e013824cc7fc8bae50630e32159821197dda95fe3",
      "Labels":null,
      "ParentId":"",
      "RepoDigests":[
         "busybox@sha256:caa382c432891547782ce7140fb3b7304613d3b0438834dce1cad68896ab110a"
      ],
      "RepoTags":[
         "busybox:latest"
      ],
      "SharedSize":-1,
      "Size":1239748,
      "VirtualSize":1239748
   }
]

To perform a dry run with whitelisted images:

1. Obtain the current MKE configuration file for your cluster.

2. Whitelist the images that should not be removed.

   Note

   Where possible, use the image ID to specify the image rather than the image name.

   For example:

   [[cluster_config.image_prune_whitelist]]
     key = "label"
     value = "<label-value>"
   
   [[cluster_config.image_prune_whitelist]]
     key = "before"
     value = "<image-id>"
   

   Refer to cluster_config.image_prune_whitelist (optional) for more information.

3. Upload the new MKE configuration file.

4. Perform a dry run to determine which images will be pruned:

   AUTHTOKEN=$(curl --silent --insecure --data '{"username":"<username>","password":"<password>"}' https://MKE_HOST/auth/login | jq --raw-output .auth_token)
   curl --insecure -H "Authorization: Bearer $AUTHTOKEN" https://MKE_HOST/api/ucp/images/prune/dry
   

   Example response:

   [
      {
         "Containers":-1,
         "Created":1647029986,
         "Id":"sha256:2fb6fc2d97e10c79983aa10e013824cc7fc8bae50630e32159821197dda95fe3",
         "Labels":null,
         "ParentId":"",
         "RepoDigests":[
            "busybox@sha256:caa382c432891547782ce7140fb3b7304613d3b0438834dce1cad68896ab110a"
         ],
         "RepoTags":[
            "busybox:latest"
         ],
         "SharedSize":-1,
         "Size":1239748,
         "VirtualSize":1239748
      }
   ]
   

To schedule image pruning:

1. Obtain the current MKE configuration file for your cluster.

2. Optional. Whitelist the images that should not be removed, if you have not already done so.

   Note

   Where possible, use the image ID to specify the image rather than the image name.

   For example:

   [[cluster_config.image_prune_whitelist]]
     key = "label"
     value = "<label-value>"
   
   [[cluster_config.image_prune_whitelist]]
     key = "before"
     value = "<image-id>"
   

   Refer to cluster_config.image_prune_whitelist (optional) for more information.

3. Set the value of image_prune_schedule to the desired cron schedule. Refer to cluster_config table (required) for more information.

   The following example schedules image pruning for every day at midnight:

   [cluster_config]
   
       image_prune_schedule = "0 0 0 * * *"
   

4. Upload the new MKE configuration file.

Schedule image pruning using the MKE web UI

Available since MKE 3.5.4

1. Log in to the MKE web UI as an administrator.

2. From the left-side navigation panel, navigate to <user name> > Admin Settings > Tuning and scroll to Image pruning config.

3. Enter the desired pruning schedule.

4. Optional. Select the desired whitelist rules.

5. Optional. Test your image pruning configuration by clicking Start a dry run under Test configuration.