search

anchore / anchore-engine

A service that analyzes docker images and scans for vulnerabilities
Apache License 2.0
1.57k stars 273 forks source link

Cannot reclaim disk space without outage #1373

Open verma-preet opened 2 years ago

verma-preet commented 2 years ago

Is this a request for help?: Yes

Version of Anchore Engine and Anchore CLI if applicable: anchore-cli version: 0.9.2 anchore engine version: v0.10.0

What happened: anchore_anchore-db-volume and anchore_analyzer eats up the disk space quite rapidly given the huge volume of images we scan. We run out of the disk space very frequently, despite giving 100G to anchore. I haven't found a good way to clean up the docker volume other than

This causes an outage and evidently not a happy path.

I have also tried to delete the scanned/analyzed images but that doesn't seem to free up any space. This same issue is also brought up in https://github.com/anchore/anchore-engine/issues/1362. The suggested solution is to change vacuum settings on postgres but we are using the postgres service from anchore which we don't directly modify.

What did you expect to happen: Anchore should have some config or scripts to gracefully clean up the docker volume, without having to stop and restart anchore docker services. As an additional note, we don't need to keep the old images around and are ok to wipe them as long as we can do it while the anchore services stay up and running.