Schedule image pruning

Available since MKE 3.5.3

MKE administrators can schedule the cleanup of unused images, whitelisting which images to keep. To determine which images will be removed, they can perform a dry run prior to setting the image-pruning schedule.

To perform a dry run without whitelisting any images:

Perform a dry run to determine which images will be pruned:

AUTHTOKEN=$(curl --silent --insecure --data '{"username":"<username>","password":"<password>"}' https://MKE_HOST/auth/login | jq --raw-output .auth_token)
curl --insecure -H "Authorization: Bearer $AUTHTOKEN" https://MKE_HOST/api/ucp/images/prune/dry

Example response:

[
   {
      "Containers":-1,
      "Created":1647029986,
      "Id":"sha256:2fb6fc2d97e10c79983aa10e013824cc7fc8bae50630e32159821197dda95fe3",
      "Labels":null,
      "ParentId":"",
      "RepoDigests":[
         "busybox@sha256:caa382c432891547782ce7140fb3b7304613d3b0438834dce1cad68896ab110a"
      ],
      "RepoTags":[
         "busybox:latest"
      ],
      "SharedSize":-1,
      "Size":1239748,
      "VirtualSize":1239748
   }
]

To perform a dry run with whitelisted images:

1. Obtain the current MKE configuration file for your cluster.

2. Whitelist the images that should not be removed. For example:

   [[cluster_config.image_prune_whitelist]]
     key = "label"
     value = "important_image"
   
   [[cluster_config.image_prune_whitelist]]
     key = "reference"
     value = "system-tools/*"
   

   Refer to cluster_config.image_prune_whitelist (optional) for more information.

3. Upload the new MKE configuration file.

4. Perform a dry run to determine which images will be pruned:

   AUTHTOKEN=$(curl --silent --insecure --data '{"username":"<username>","password":"<password>"}' https://MKE_HOST/auth/login | jq --raw-output .auth_token)
   curl --insecure -H "Authorization: Bearer $AUTHTOKEN" https://MKE_HOST/api/ucp/images/prune/dry
   

   Example response:

   [
      {
         "Containers":-1,
         "Created":1647029986,
         "Id":"sha256:2fb6fc2d97e10c79983aa10e013824cc7fc8bae50630e32159821197dda95fe3",
         "Labels":null,
         "ParentId":"",
         "RepoDigests":[
            "busybox@sha256:caa382c432891547782ce7140fb3b7304613d3b0438834dce1cad68896ab110a"
         ],
         "RepoTags":[
            "busybox:latest"
         ],
         "SharedSize":-1,
         "Size":1239748,
         "VirtualSize":1239748
      }
   ]
   

To schedule image pruning:

1. Obtain the current MKE configuration file for your cluster.

2. Optional. Whitelist the images that should not be removed, if you have not done so already. For example:

   [[cluster_config.image_prune_whitelist]]
     key = "label"
     value = "important_image"
   
   [[cluster_config.image_prune_whitelist]]
     key = "reference"
     value = "system-tools/*"
   

   Refer to cluster_config.image_prune_whitelist (optional) for more information.

3. Set the value of image_prune_schedule to the desired cron schedule. Refer to cluster_config table (required) for more information.

   The following example schedules image pruning for every day at midnight:

   [cluster_config]
   
       image_prune_schedule = "0 0 0 * * *"
   

4. Upload the new MKE configuration file.