Hey there, what is the correct way of cleaning up ECR repositories/images? Qovery manages the cluster but it looks like every environment (mainly preview) leaves a repo on ECR which piles up over time and costs money.
Who can help? 
I noticed there is a variable in advanced cluster settings called registry.image_retention_time, which looks like the default is a year in seconds.
Will lowering this retrospectively delete all images that fall into the new retention time frame? Example: Would lowering this to 1 week instantly remove images that are 2 weeks old?
Hi @FlorianSuchan ,
do you have an example right now?
because when an environment is deleted (like in your case for preview envs) we also delete the images linked to those services.
@a_carrano For new environments I can confirm that this is the case but was that always like this? We are working with you for many years now and it looked like some old stuff remained.
We already cleaned up manually, all good now.
it has been like this for a loooong time (I can’t give you a precise date) but maybe it was some legacy stuff.
Recently there was a bug and the images weren’t deleted but only lasted for a few weeks and was fixed last week.
Regarding your change in the retention: if you set a very short retention timeframe (let’s say 7 days) you risk facing errors if you don’t re-deploy that specific service frequently (every 8,9 … days). The image might get deleted and Kubernetes won’t be able anymore to pull it for creating pods (resulting in an error ImagePullBackOff)
Actually, what would be the best practice to deal with old images just piling up in the repository?
We are deploying to our testing environment multiple times a week, so we have a ton of images in the corresponding repositories. I understand the logic of keeping the current image for as long as possible, and maybe a few versions before that (just for rollback purposes) - but no more than say 5, right?
I think it would be nice if Qovery could clean up after itself and just kept a (configurable) list of previous images - and deleted the rest.
1 Like
ECR actually allows a lifetime policy that does “keep x images”, so when you push x+1 it deletes the oldest. Unfortunately cluster-settings for now only allow x days.
If repositories get deleted when the preview env on Qovery gets removed, this would be the cleanest and safest way to do it.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.