On Wed, Jun 19, 2019 at 12:03 PM Sage Weil <sweil(a)redhat.com> wrote:
I'm not sure I read this paragraph correctly. Are
you saying we should use
quay? Or that garbage collection is hard in general? Because I think the
single oc adm prune command above is all that we need... we'll be
publishing a zillion ci-built containers and trim them after 2 weeks.
What's missing?
Yes, if I were doing this over, I would spend the time trying to make
it all work with quay.io instead of running our own registry.
Running that oc prune command in cron is just the tip of the iceberg
trying to operationalize this. For example with OpenShift 3.6, there
was a bug with the way OpenShift (or docker-distribution, or whatever)
writes incoming files to NFS, so "docker push" just fails. There is no
workaround, and the only fix is to upgrade to newer versions of
OpenShift 3.
We're already struggling to keep our Jenkins masters updated for
security patches, and a public OpenShift/Kubernetes infrastructure
will compound the problem.
- Ken