Last active
May 22, 2023 16:10
-
-
Save stdevPavelmc/93f58a732d3f22a9e6ce3ee54293988c to your computer and use it in GitHub Desktop.
Microk8s own registry on http://localhost:32000/ can get your drive full with time if you have a lot of images and/or tags; so I made a script based on solutions out in the internet about it, but it's an all in one; Just copy it to your server and run it weekly, monthly or wharever schedule fits you.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Author: Pavel Milanes <[email protected]> | |
| # Goal: Prune the microk8s registry from unused images | |
| # Date: May 2023 | |
| # force install needed tools: git, python3-pip, jq, curl... | |
| apt-get install git python3-pip curl jq -y | |
| # get the list of runing container images, install the soft if not there | |
| running=/tmp/running | |
| if [ ! -d /root/microk8s_prune/ ] ; then | |
| # install microk8s prune | |
| cd /root/ | |
| git clone https://github.com/microk8s/microk8s.git | |
| cd microk8s_prune/ | |
| # install dependencies | |
| pip install -r requirements.txt | |
| fi | |
| # get the list | |
| env PROTOCOL_BUFFERS_PYTHON_IMPLEMENTATION=python \ | |
| /usr/bin/python3 /root/microk8s_prune/microk8s_prune.py c > $running | |
| # WARNING if the resulting file has no C: at the start of each line and at least | |
| # 20 lines, stop! you can erase images being used! | |
| test=$(cat $runing | grep -e "^C\: .*$" | wc -l) | |
| if [ $test -lt 20 ] ; then | |
| # Fail | |
| echo "Warning the result of the running container is weird, not cleaning up" | |
| exit 1 | |
| fi | |
| # fun starts here | |
| registry=http://localhost:32000 | |
| repositories=$(curl ${registry}/v2/_catalog) | |
| # cycle on the repositories | |
| for repo in $(echo "${repositories}" | jq -r '.repositories[]'); do | |
| # skip is no repo | |
| if [ -z "$repo" ]; then continue; fi | |
| # get the tags for that repo | |
| tags=$(curl -sSL "${registry}/v2/${repo}/tags/list" | jq -r '.tags[]') | |
| # cycle on the tags | |
| for tag in $tags; do | |
| # check if the tag is running | |
| found=$(grep $tag $running) | |
| if [ -z "$found" ]; then | |
| echo "$repo/$tag is not running, can be deleted" | |
| # get the sha for that tag | |
| sha=$(curl -sSL -I \ | |
| -H "Accept: application/vnd.docker.distribution.manifest.v2+json" \ | |
| "${registry}/v2/${repo}/manifests/${tag}" |\ | |
| awk '$1 == "Docker-Content-Digest:" { print $2 }' |\ | |
| tr -d $'\r') | |
| # mark the tag as deteled [no real delete] | |
| curl -v -sSL -X DELETE "${registry}/v2/${repo}/manifests/${sha}" | |
| else | |
| echo "$tag is running, can't be deleted" | |
| fi | |
| done | |
| done | |
| # force registry to garbage collect images marked for deletion | |
| pod=$(/snap/bin/microk8s kubectl get pods --namespace="container-registry" | grep Running | awk '{print $1}') | |
| if [ "$pod" ] ; then | |
| # force garbage collect | |
| /snap/bin/microk8s kubectl exec --namespace="container-registry" ${pod} -- \ | |
| /bin/registry garbage-collect /etc/docker/registry/config.yml | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
If you have a low pod count and the script refuses to clean giving you an output like this:
Warning the result of the running container is weird, not cleaning upJust adjust the count if the line 29 to match your cluster minimum pod count.