Closed grzleadams closed 2 months ago
Looks like this is doable via API, maybe just not via CLI?
curl -vvv -uadmin -XPOST -H "Content-Type: application/json" -d '{"tag": "327-merge"}' https://pulp.k8s.carnegierobotics.com/pulp/api/v3/repositories/container/container-push/0190135f-8d28-788c-aee3-ae2523804ca9/untag/
Edit: while this kicked a task it actually didn't remove the tag or any content. :(
try specifying repo type via CLI like :pulp container repository --type push untag --tag
@grzleadams while it might not be very straightforward, the untagging operation simply removes the 'label' from the image, the image stays in the repo and can be retrieved by digest. if you want to remove it from repo you should use /remove_image
by specifying its' digest. This operation will remove the image, its blobs and also tags.
I am not sure however whether this is available in cli so rely rather on api
Okay, makes sense. Just to confirm, I'll also need to set retain-repo-versions
to some small number for that container-push repository and run an orphan cleanup
before I'll reclaim all the space used by these tags/manifests, right?
yes, you got it right.
one last note, while running orphan clean up, mind the orphan_protection_time setting. By default it is 24h, so if you want to see an immediate result in cleaning up the disk space you should adjust that value.
and the very last thing, if you notice that you did not clean up as much space as you initially were expecting that might be due to the fact that some blobs were not removed ( and they are the entities that usually take the most space, not manifest/tags). That's because images share blobs and you could have an image in another repo.
Closing this issue, if you face troubles let us know.
Good call on orphan_protection_time
... it was definitely doing its job!
images share blobs and you could have an image in another repo
Understood, I just wanted to make sure that old versions of the repositories could be keeping manifests/tags/blobs around if I didn't set --retain-repo-versions 1
or whatever.
Somewhat related, does the Pulp project have a repository of admin/user scripts anywhere that people can contribute to? I wrote up a Python script to do the cleanup described here, might be useful to others.
Good call on
orphan_protection_time
... it was definitely doing its job!images share blobs and you could have an image in another repo
Understood, I just wanted to make sure that old versions of the repositories could be keeping manifests/tags/blobs around if I didn't set
--retain-repo-versions 1
or whatever.
Yes, content would be staying around in the repo because of X repo versions so setting to 1 is correct thing to do.
Somewhat related, does the Pulp project have a repository of admin/user scripts anywhere that people can contribute to? I wrote up a Python script to do the cleanup described here, might be useful to others.
We do not have a dedicated repo for such assets, however, creating one should not be a problem, I'll ask around. I could see this being shared in the documentation section in meantime. There are tutorials and how-to-guides https://pulpproject.org/pulp_container/
@grzleadams, for now, you can create a gist and share the script through a new discourse post. Later on, we are planning to create a dedicated section in our documentation that will host/reference all the utilities/workflows/admin scripts submitted by the users.
Adding @pedro-psb for visibility. This decision was made at today's pulpcore meeting.
We want to do some cleanup of images that users have pushed to Pulp. We didn't pre-create repositories for those images so they exist in container-push. How can I untag images there? I've tried something like:
But it complains that that's not a valid href for a repository. I feel like I'm missing something super-simple here but I can't think what it would be...