Add timed cleanup script to handle old Docker data

The Docker image cache does not get emptied automatically and can take up significant disk space. In addition, old networks can leave iptables rules, network devices and routing table entries behind. This patch adds a periodic timer job to delete this data where it is safe to do so and won't impact existing containers. Change-Id: I7045fcbb8bcd7a9744cc35fb2668016bacab4f1b
2021-01-07 08:52:47 +00:00 · 2021-01-07 08:52:47 +00:00 · 6045bac2e8
commit 6045bac2e8
parent a442926158
3 changed files with 36 additions and 0 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -100,6 +100,14 @@ zun_docker_users:
 # version will be used as determined by the client version information.
 zun_docker_api_version: false

+# Time period for which to clean up old Docker data. The options are hour, day,
+# month, or year. (string value)
+zun_docker_prune_frequency: hour
+
+# Which Docker data to clean up when running the above periodic task
+zun_docker_prune_images: True
+zun_docker_prune_networks: True
+
 ## Manually specified zun UID/GID
 # Deployers can specify a UID for the zun user as well as the GID for the
 # zun group if needed. This is commonly used in environments where shared
@ -268,6 +276,18 @@ zun_services:
    init_config_overrides: "{{ zun_wsproxy_init_overrides }}"
    start_order: 2
    execstarts: "{{ zun_bin }}/zun-wsproxy --config-dir /etc/zun"
+  zun-docker-cleanup:
+    group: zun_compute
+    service_name: zun-docker-cleanup
+    init_config_overrides: "{{ zun_docker_cleanup_init_overrides }}"
+    start_order: 5
+    execstarts: "{{ zun_bin }}/zun-docker-cleanup"
+    timer:
+      state: started
+      options:
+        OnBootSec: 30min
+        OnCalendar: "{{ (zun_docker_prune_frequency == 'day') | ternary('daily', zun_docker_prune_frequency+'ly') }}"
+        Persistent: true

 # Common pip packages
 zun_pip_packages:
@ -322,3 +342,4 @@ zun_api_init_overrides: {}
 zun_wsproxy_init_overrides: {}
 zun_compute_init_overrides: {}
 zun_kuryr_init_overrides: {}
+zun_docker_cleanup_init_overrides: {}
--- a/tasks/zun_compute.yml
+++ b/tasks/zun_compute.yml
@ -264,3 +264,11 @@
    name: multipathd
    state: started
    enabled: yes
+
+- name: Create script to clean up old Docker data
+  template:
+    src: "zun-docker-cleanup.j2"
+    dest: "{{ zun_bin }}/zun-docker-cleanup"
+    owner: "root"
+    group: "root"
+    mode: "0755"
--- a/templates/zun-docker-cleanup.j2
+++ b/templates/zun-docker-cleanup.j2
@ -0,0 +1,7 @@
+#!/bin/bash
+{% if zun_docker_prune_images %}
+docker image prune -a -f --filter "until=1h"
+{% endif %}
+{% if zun_docker_prune_networks %}
+docker network prune -f --filter "until=1h"
+{% endif %}