A simple Docker container and image garbage collection script.
- Containers that exited more than an hour ago are removed.
- Images that don't belong to any remaining container after that are removed.
Although docker normally prevents removal of images that are in use by
containers, we take extra care to not remove any image tags (e.g., ubuntu:14.04,
busybox, etc) that are in use by containers. A naive docker rmi $(docker images -q) will leave images stripped of all tags, forcing docker to re-pull the
repositories when starting new containers even though the images themselves are
still on disk.
This script is intended to be run as a cron job. You can also run it as a Docker container (see below).
Build the debian package:
$ apt-get install git devscripts debhelper
$ git clone https://github.com/spotify/docker-gc.git
$ cd docker-gc
$ debuild -us -uc -b$ dpkg -i ../docker-gc_0.0.4_all.debThis installs the docker-gc script into /usr/sbin and drops a docker-gc
cron file into /etc/cron.hourly/.
To use the script manually, run docker-gc.
There can be images that are large that serve as a common base for
many application containers, and as such, make sense to pin to the
machine, as many derivative containers will use it. This can save
time in pulling those kinds of images. There may be other reasons to
exclude images from garbage collection. To do so, create
/etc/docker-gc-exclude, or if you want the file to be read from
elsewhere, set the EXCLUDE_FROM_GC environment variable to its
location. This file can contain image name patterns (in the grep
sense), one per line, such as spotify/cassandra:latest or it can
contain image ids (truncated to the length shown in docker images
which is 12.
An example excludes file might contain:
spotify/cassandra:latest
9681260c3ad5
There can also be containers (for example data only containers) which
you would like to exclude from garbage collection. To do so, create
/etc/docker-gc-exclude-containers, or if you want the file to be
read from elsewhere, set the EXCLUDE_CONTAINERS_FROM_GC environment
variable to its location. This file should container name patterns (in
the grep sense), one per line, such as mariadb-data.
An example excludes file might contain:
mariadb-data
drunk_goodall
A Dockerfile is provided as an alternative to a local installation. By default the container will start up, run a single garbage collection, and shut down.
docker build -t spotify/docker-gc .The docker-gc container requires access to the docker socket in order to function, so you need to map it when running, e.g.:
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock spotify/docker-gc