101 lines
2.8 KiB
YAML
101 lines
2.8 KiB
YAML
# services/maintenance/node-image-sweeper-script.yaml
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: node-image-sweeper-script
|
|
namespace: maintenance
|
|
data:
|
|
node_image_sweeper.sh: |
|
|
#!/bin/sh
|
|
set -eu
|
|
|
|
ONE_SHOT=${ONE_SHOT:-false}
|
|
THRESHOLD_DAYS=14
|
|
|
|
usage=$(df -P /host | awk 'NR==2 {gsub(/%/,"",$5); print $5}') || usage=""
|
|
if [ -n "${usage}" ] && [ "${usage}" -ge 70 ]; then
|
|
THRESHOLD_DAYS=3
|
|
fi
|
|
|
|
cutoff=$(python3 - <<'PY'
|
|
import time, os
|
|
print(int(time.time()) - int(os.environ.get("THRESHOLD_DAYS", "14")) * 86400)
|
|
PY
|
|
)
|
|
|
|
RUNNING=$(chroot /host /bin/sh -c "crictl ps -a --quiet 2>/dev/null" | tr -s ' ' '\n' | sort -u | tr '\n' ' ')
|
|
IMAGES_JSON=$(chroot /host /bin/sh -c "crictl images -o json 2>/dev/null" || echo '{}')
|
|
|
|
SKIP="registry.k8s.io/pause k8s.gcr.io/pause rancher/mirrored-pause"
|
|
|
|
prune_list=$(printf "%s" "${IMAGES_JSON}" | CUTOFF="${cutoff}" RUNNING="${RUNNING}" SKIP="${SKIP}" python3 - <<'PY'
|
|
import json, os, sys, time
|
|
|
|
try:
|
|
data = json.load(sys.stdin)
|
|
except Exception:
|
|
print("", end="")
|
|
sys.exit(0)
|
|
|
|
cutoff = int(os.environ.get("CUTOFF", "0"))
|
|
running = set(os.environ.get("RUNNING", "").split())
|
|
skip = os.environ.get("SKIP", "").split()
|
|
now = int(time.time())
|
|
prune = []
|
|
|
|
|
|
def is_skip(tags):
|
|
if not tags:
|
|
return False
|
|
for t in tags:
|
|
for prefix in skip:
|
|
if prefix and t.startswith(prefix):
|
|
return True
|
|
return False
|
|
|
|
|
|
for img in data.get("images", []):
|
|
image_id = img.get("id", "")
|
|
if not image_id:
|
|
continue
|
|
if image_id in running:
|
|
continue
|
|
tags = img.get("repoTags") or []
|
|
if is_skip(tags):
|
|
continue
|
|
created = img.get("createdAt") or 0
|
|
try:
|
|
created = int(str(created)) // 1000000000
|
|
except Exception:
|
|
created = 0
|
|
if created and created > now:
|
|
created = now
|
|
if cutoff and created and created < cutoff:
|
|
prune.append(image_id)
|
|
|
|
seen = set()
|
|
for p in prune:
|
|
if p in seen:
|
|
continue
|
|
seen.add(p)
|
|
print(p)
|
|
PY
|
|
)
|
|
|
|
if [ -n "${prune_list}" ]; then
|
|
printf "%s" "${prune_list}" | while read -r image_id; do
|
|
if [ -n "${image_id}" ]; then
|
|
chroot /host /bin/sh -c "crictl rmi --prune ${image_id}" || true
|
|
fi
|
|
done
|
|
fi
|
|
|
|
find /host/var/lib/rancher/k3s/agent/images -type f -name "*.tar" -mtime +7 -print -delete 2>/dev/null || true
|
|
find /host/var/lib/rancher/k3s/agent/containerd -maxdepth 1 -type f -mtime +7 -print -delete 2>/dev/null || true
|
|
|
|
if [ "${ONE_SHOT}" = "true" ]; then
|
|
exit 0
|
|
fi
|
|
|
|
sleep infinity
|